check before: 2026-04-30
Product:
Entra, Microsoft 365 suite, Purview, Purview Communication Compliance, Purview Information Protection
Platform:
Online, Web, World tenant
Status:
In development
Change type:
Admin impact, New feature, Updated message
Links:
Details:
Summary:
Microsoft Purview Information Protection now allows admins to exclude modern Microsoft 365 groups and include non-mail-enabled and dynamic security groups in sensitivity label policies. Rollout begins late April 2026 (public preview) and mid-June 2026 (general availability). No user impact unless policies are updated.
Details:
Updated April 10, 2026: We have updated the timeline. Thank you for your patience.
[Introduction]
Purview Information Protection admins can now exclude modern Microsoft 365 groups and scope sensitivity label policies to dynamic and non-mail enabled security groups. These capabilities give admins more flexibility, expanding policy targeting beyond individual users and mail-enabled groups.
This message is associated with Microsoft 365 Roadmap ID 558685.
[When this will happen:]
Public Preview: We will begin rolling out late April 2026 and expect to complete by mid-May 2026.
General Availability: We will begin rolling out mid-June 2026 (previously late May) and expect to complete by late June 2026 (previously late May).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2026-03-27
updated:
2026-04-11
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Policy Misconfiguration
If sensitivity label policies are updated without proper preparation, it may lead to misconfigurations that could expose sensitive data to unauthorized users.
- roles: Information Protection Admins, Compliance Officers
- references: https://learn.microsoft.com/purview/create-sensitivity-labels?tabs=classic-label-scheme#publish-sensitivity-labels, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=558685
User Access Issues
Changes in sensitivity label policies without adequate preparation may result in users being unable to access necessary resources or data due to incorrect label application.
- roles: End Users, IT Support Staff
- references: https://learn.microsoft.com/purview/create-sensitivity-labels?tabs=classic-label-scheme#publish-sensitivity-labels, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=558685
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2026-04-11 | MC MessageTagNames | New feature, Admin impact | Updated message, New feature, Admin impact |
| 2026-04-11 | MC Summary | Microsoft Purview Information Protection admins can now exclude modern Microsoft 365 groups and include dynamic, non-mail-enabled security groups in sensitivity label policies. This expands policy targeting flexibility without impacting users unless policies are updated. Rollout begins April 2026 with general availability in late May 2026. | Microsoft Purview Information Protection now allows admins to exclude modern Microsoft 365 groups and include non-mail-enabled and dynamic security groups in sensitivity label policies. Rollout begins late April 2026 (public preview) and mid-June 2026 (general availability). No user impact unless policies are updated. |
| 2026-04-11 | MC Last Updated | 03/27/2026 00:39:25 | 2026-04-10T21:26:07Z |
| 2026-04-11 | MC Messages | [Introduction]
Purview Information Protection admins can now exclude modern Microsoft 365 groups and scope sensitivity label policies to dynamic and non-mail enabled security groups. These capabilities give admins more flexibility, expanding policy targeting beyond individual users and mail-enabled groups. This message is associated with Microsoft 365 Roadmap ID 558685. [When this will happen:] Public Preview: We will begin rolling out late April 2026 and expect to complete by mid-May 2026. General Availability: We will begin rolling out late May 2026 and expect to complete by late May 2026. | Updated April 10, 2026: We have updated the timeline. Thank you for your patience.
[Introduction] Purview Information Protection admins can now exclude modern Microsoft 365 groups and scope sensitivity label policies to dynamic and non-mail enabled security groups. These capabilities give admins more flexibility, expanding policy targeting beyond individual users and mail-enabled groups. This message is associated with Microsoft 365 Roadmap ID 558685. [When this will happen:] Public Preview: We will begin rolling out late April 2026 and expect to complete by mid-May 2026. General Availability: We will begin rolling out mid-June 2026 (previously late May) and expect to complete by late June 2026 (previously late May). |
| 2026-04-11 | MC Title | Microsoft Purview: Information Protection – Extended scoping capabilities for sensitivity label policies | (Updated) Microsoft Purview: Information Protection – Extended scoping capabilities for sensitivity label policies |
| 2026-04-11 | MC End Time | 07/01/2026 09:00:00 | 2026-07-27T09:00:00Z |
Last updated 16 hours ago ago
