Especially for Those Who Write About Technology
Like everyone else who writes about Microsoft technology, I could get upset by the latest outbreak of branding mania which brings us the Microsoft Purview suite. The grand pronouncement telling us that the future of compliance and data governance is here left me cold.
The announcement features the normal Microsoft mix of new names, previously announced stuff (like co-authoring of protected documents on mobile devices), extensions for existing capabilities (like 51 new sensitive information types for use in DLP and auto-label policies), and genuinely-interesting advances (like multi-stage disposition for items at the end of their retention period). The latter is due in public preview in May 2022. In essence, you’ll be able to apply a new retention label to items automatically when the retention period of the original label expires and set off a new retention cycle. And yes, this will require a high-end license.
Bringing Purview Together
At first glance, you might conclude that Microsoft assembled an array of loosely-connected add-ons and existing capabilities and applied Microsoft Purview as a common prefix. Some have called the resulting suite “Purview for E5” on the basis that you need Office 365 E5 or other high-end licenses to use its capabilities. I can see how this feeling might exist because many of the services do require high-end licenses. However, some do not, like Microsoft Purview Information Protection (aka MIP or sensitivity labels) or Microsoft Purview Data Loss Prevention (DLP), both of which deliver a lot of functionality to Office 365 E3 tenants.
Admittingly, both MIP and DLP have E5 caveats. Any automatic application of sensitivity labels through auto-label policies, trainable classifiers, or default labels ups the ante to E5, and while DLP is happy to process Exchange Online, SharePoint Online, and OneDrive for Business with an E3 license, ask it to consider information leakage in a Teams chat or channel conversation, and DLP demands E5.
The devil is in the detail when it comes to licensing any aspect of Microsoft 365 compliance, both in the past and heading into the Purview future, which is why it’s good to have a copy of the Detailed Microsoft Compliance Licensing Comparison XLS. The spreadsheet is dated April 2021, but that’s OK as it’s soon to be renamed the Microsoft Purview Licensing Comparison XLS…
New Sensitive Information Types
Running Get-DlpSensitiveInformationType now returns 262 sensitive information types published by Microsoft (or classifiers, as the new term seems to be), plus whatever custom information types a tenant defines. That’s a bunch of entities to test content against in DLP and other policies managed by Microsoft Purview Information Protection.
Revealed at Ignite 2021 last November, and available in tenants, the new sensitive information types include bundled and unbundled entities. A bundled entity is simply a collection of sensitive information types managed as a single type. For example, if you add the All Medical Terms and Conditions type to a DLP policy, DLP can detect any medical term or condition found in SharePoint, Exchange, and Teams content.
An unbundled entity is a sensitive information type that stands on its own. It can be used in a DLP policy to detect specific information, or it can be used as part of a bundled entity. For example, the Ireland Physical Addresses type is an unbundled entity, but it’s also part of the All Physical Addresses bundled entity. The update includes types to detect addresses in 38 countries and 10 specific types covering medical terms and conditions, like Blood Test Terms.
Being from Ireland, it’s natural to try out the Ireland Physical Addresses type. The (now renamed) Microsoft Purview Compliance portal offers the chance to test sensitive information types against input files. I created a text file with my home address in it, used it as input for a test, and was a little disappointed to find that the matches weren’t quite as good as I hoped (Figure 1).
Unlike other sensitive information types, which you can edit to see the criteria used for matching, Microsoft doesn’t support editing of the new types yet, so I couldn’t see how I could improve the test results. In any case, I’m sure the sensitive information type will be better in a policy, once I figure out what kind of policy to use it in.
And Now to Book Updates
Apart from documenting new functionality as it becomes available, the Office 365 for IT Pros eBook team also keeps our text current with Microsoft naming. Or at least, we do our best to. We’ve been through the recent Microsoft Defender rebranding and now we’ll update chapters to use all the approved Microsoft Purview product names. It’s a pain because the time spent chasing brand names takes away from the time available to investigate how Microsoft 365 works. Microsoft couldn’t be rebranding just to distract our attention, could they?