check before: 2025-12-05
Product:
Purview, Purview Communication Compliance, Purview compliance portal, Purview Data Loss Prevention, SharePoint
Platform:
Online, US Instances, Web, World tenant
Status:
Rolling out
Change type:
New feature, Admin impact
Links:
(526797)
Details:
Summary:
Microsoft Purview Data Loss Prevention will support assigning SharePoint Online sites to administrative units, allowing DLP policies to apply only within those units. This feature, rolling out mid to late December 2025, requires no action before rollout and enables more granular policy management for admins.
Details:
[Introduction]
We're adding support for assigning Microsoft SharePoint Online sites to existing administrative units in Microsoft Purview Data Loss Prevention (DLP). When you assign a DLP policy for SharePoint to an administrative unit, the policy will apply only to sites within that unit. This enhancement helps organizations manage policies more granularly and align with administrative boundaries.
Learn more about Admin units: Administrative units in Microsoft Purview portal | Microsoft Learn
This message is associated with Microsoft 365 Roadmap ID 526797.
[When this will happen:]
General Availability (GCC, GCC High, DoD): Rollout begins mid-December 2025 and is expected to complete by late December 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2025-12-05
updated:
2025-12-05
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Granular Policy Management
Without preparation, admins may misconfigure DLP policies leading to unintended data exposure or compliance issues, as policies will apply only to specific administrative units.
- roles: DLP Admins, Compliance Officers
- references: https://learn.microsoft.com/purview/dlp-policy-reference?branch=main#support-for-adding-sharepoint-sites-to-administrative-units, https://learn.microsoft.com/purview/purview-admin-units
User Experience
If DLP policies are not properly scoped, end-users may face disruptions in accessing SharePoint sites or experience inconsistent data handling practices, affecting their workflow.
- roles: End Users, IT Support Staff
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=526797, https://learn.microsoft.com/purview/purview-admin-units
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
Microsoft is introducing a new feature for its Purview Data Loss Prevention (DLP) system that will allow administrators to assign SharePoint Online sites to specific administrative units. Think of administrative units like departments within a company. Just as a company might have separate teams for marketing, finance, and HR, administrative units allow you to group certain SharePoint sites together. This means that DLP policies, which are rules designed to prevent sensitive information from being shared inappropriately, can be applied only to specific groups of sites rather than across the entire organization.
Imagine you have a filing cabinet where each drawer represents a different department in your office. Previously, if you wanted to lock the cabinet to prevent unauthorized access, you had to lock all the drawers at once. Now, with this new feature, you can choose to lock only the drawers that contain sensitive information, leaving the others accessible. This gives you more control and flexibility over who can access what information.
For administrators, this means they can tailor their DLP policies more precisely. If a particular department deals with highly sensitive data, such as financial records, the admin can apply stricter policies to that department's SharePoint sites without affecting other departments that may not require such stringent measures. This feature will be automatically available by the end of December 2025, and no initial setup is needed. Admins can simply start using it to better manage their organization's data protection needs.
In essence, this update allows for more efficient and targeted data protection, ensuring that only the necessary areas are under strict supervision, much like having a security system that focuses on the most vulnerable parts of a building rather than applying the same level of security everywhere.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 4 weeks ago ago
