Microsoft is updating how access controls are enforced in Purview Data Explorer and Content Explorer. Administrators should verify that users hold the appropriate role or role group before the change rolls out in May 2026.
Microsoft has started assigning the new Purview workload admin roles in Microsoft Entra, triggering PIM assignment notifications for administrators.
Microsoft has released Extended SharePoint Permissions (ESP) to general availability, keeping SharePoint access controls attached to files even after they leave the library.
Office for the web now supports applying sensitivity labels with user-defined permissions in Word, Excel, and PowerPoint, closing a gap for previously required desktop clients.
Microsoft is enabling Always-on diagnostics for Endpoint DLP by default. This post explains what the feature does, how diagnostic logs are collected, and where to manage the setting.
Microsoft is expanding DLP policy enforcement for Microsoft 365 Copilot to cover Word, Excel, and PowerPoint files regardless of storage location.
Microsoft Purview Data Security Posture Management now supports item-level investigation and remediation for SharePoint and OneDrive files, providing insights into sensitivity label status and sharing link details. Administrators can take direct remediation actions on flagged items, including applying sensitivity labels and removing sharing links.
Microsoft is simplifying access management for Data Security Investigations (DSI) in Purview by automatically adding the DSI Admin and DSI Contributor roles to additional role groups, reducing manual role assignments for teams working across DSPM, IRM, and Microsoft Defender XDR.
Viva Engage communities now support Microsoft Purview sensitivity labels assigned to Microsoft 365 groups and their connected SharePoint sites, bringing consistent privacy and access controls across Viva Engage, Microsoft 365 groups, and SharePoint.
SharePoint admins can now disable site branding for individual site collections via PowerShell. Organizations with a Multi-Geo setup must move theme creation to the primary geo, and branding changes are recorded in Purview Audit Logs.
Microsoft is adding the new Purview RBAC role Purview Agent Deployment, also added to several built-in role groups. Together with the existing Purview Agent roles, organizations can now enforce a clear separation of duties across agent administration, analysis, and deployment.
Admin activities related to Copilot agent management are now recorded in Purview Audit Logs, improving visibility for security and compliance teams. Current logging is limited to Copilot Studio agents only.
Microsoft will retire several legacy SharePoint Online site-scoped compliance features starting in April 2026. Organizations must transition to Microsoft Purview Data Lifecycle Management and Records Management to maintain supported compliance and retention capabilities.
Microsoft is rolling out three new Entra admin roles for Microsoft Purview that are automatically managed through Purview role assignments. These roles should not be assigned directly in Entra, as any manual changes will be overwritten.
Microsoft Purview DLP for Fabric products and generative AI apps in Microsoft Edge will require a Pay-as-You-Go billing model starting at the end of October 2025.
Microsoft retired three licenses, introduced new Microsoft 365 Copilot promotions, and announced the renaming of the E5 mini-suites for Security and Compliance.
Microsoft Purview Data Lifecycle Management introduces Priority Cleanup for SharePoint and OneDrive. This feature allows admins to bypass retention policies and delete content early, such as Teams recordings, transcripts, and Preservation Hold items.
Microsoft is introducing Content Security Policy (CSP) in SharePoint. While it’s currently in Report-only mode, enforcement will block untrusted scripts. SharePoint administrators should review violation reports now and prepare trusted sources before enabling CSP.
If users suddenly can’t sync a SharePoint library or OneDrive shortcut, offline sync settings may have been changed at the site or library level. Purview Audit Logs can help you find who made the change.
Microsoft has released new Defender Security and Purview Compliance add-ons for organizations with Microsoft 365 Business Premium licenses. At the same time, the Viva license with Glint has been removed.