Microsoft Purview in 2025: What’s New?

Why Data Security Needs a Different Approach in the AI Era?

Enterprise data no longer sits in a few databases or file shares. It moves through email, documents, chat, cloud applications, data platforms, and now AI-powered tools. Users create and share data continuously, often across cloud and on-premises boundaries and beyond the traditional network perimeter.

As organizations adopt Microsoft 365 Copilot and other AI tools, they gain clear productivity benefits, but also new risks. They must understand where sensitive data resides and which users or AI applications can access it. They also need assurance that existing security and compliance controls still apply when AI is generating and acting on information at machine speed.

Microsoft’s adaptation to these considerations is Microsoft Purview, positioned as a unified data security and governance platform for the whole data estate, including AI and modern data platforms.

What's Updated in Microsoft Purview?

Microsoft Purview continues to evolve, shifting from disparate compliance tools into a unified, AI-ready platform. The latest updates from November 2025 and Microsoft Ignite reinforce this transition, focusing on deeper integration, AI governance, and automated security operations.

Data Governance: Unified Catalog and Automated Access

Data governance, previously fragmented across regions and tools, has reached a milestone with the General Availability of the Unified Catalog. This consolidates data discovery into a single experience, initially available in the West Central US region.

Manual approval chains are replaced by automated workflows within the Unified Catalog. Organizations can now automate access requests for data products and publish glossary terms, significantly reducing administrative friction.

Sensitivity labels now extend to 11 additional Data Map sources. This ensures consistent protection policies travel with data, whether it lives in Azure, AWS, or third-party warehouses.

Data Security: Granular AI Controls and Network Protection

Microsoft has addressed generative AI risks by enabling admins to block specific Sensitive Information Types in prompts sent to Microsoft 365 Copilot. This prevents users from feeding sensitive data into AI inputs.

A new Generally Available capability prevents Copilot from using files or emails with sensitivity labels to generate response summaries. This ensures confidential documents do not inadvertently feed AI outputs.

With Network Data Security, organizations can enforce DLP policies on network traffic. This prevents users from sharing sensitive files with unmanaged AI apps like personal ChatGPT accounts, creating a barrier against "Shadow AI."

Risk and Compliance: Governing Agents and AI-Powered Investigations

Purview has introduced a "Risky Agents" policy template in Insider Risk Management. This tool detects anomalous behaviors in agents hosted on Copilot Studio and Microsoft Foundry, extending compliance to non-human actors.

Security teams can now use "Search with AI" in Data Security Investigations to query data using natural language. This supplements vector search for faster narrow down items for review.

New Security Copilot Agents for Triage in DLP and Insider Risk Management automate alert analysis. These agents help teams prioritize high-risk incidents more effectively.

Operational Efficiency: Posture Management and Licensing Transparency

Data Security Posture Management for AI now offers custom data risk assessments. These include item-level scanning and remediation for overshared files in SharePoint, allowing for targeted data cleanup.

Managing costs is now transparent with the new Usage Center. Administrators can view billing usage and licensing status in a single dashboard, ensuring organizations realize value from their investment.

Agent Governance: The New Purview for Agent 365

To address the explosion of AI agents, Microsoft has introduced Purview for Agent 365, extending enterprise-grade security to first-party, third-party, and custom-built agents.

With AI Observability in DSPM, organizations gain visibility and risk assessment for agents across Microsoft environments. Admins can assign risk levels to agents and receive guided remediation recommendations. Agentic Risk in Insider Risk Management now includes agent-specific risk indicators to identify behaviors like unauthorized data access.

DLP and Information Protection controls now extend to agent actions. Agents inherit the same protections as human users, preventing them from accessing labeled files or sending Teams messages containing sensitive data. Communication Compliance, Audit, Data Lifecycle Management, and eDiscovery have all been expanded to cover human-agent interactions, enabling proactive detection and policy-based governance.

Developer Security: Purview SDK and Foundry Integration

For developers building custom agents, the Purview SDK embedded in Agent Framework SDK enables the integration of enterprise-grade security directly into the agent's code. This allows automatic classification of sensitive data and prevents data leaks during development.

Purview integration with Microsoft Foundry allows Foundry admins to activate Purview on their subscription, flowing interaction data into Purview for centralized compliance. Additionally, Azure AI Search now honors Purview labels, ensuring only authorized documents are returned in agent retrieval scenarios, preventing data oversharing in RAG workflows.

Operational Efficiency: Posture Management and Licensing Transparency

Data Security Posture Management for AI now offers custom data risk assessments (Preview). These include item-level scanning and remediation for overshared files in SharePoint, allowing for targeted cleanup of risky data rather than broad policies.

Managing costs is now transparent with the new Usage Center (Preview). Administrators can view pay-as-you-go billing usage and per-user licensing status in a single dashboard, ensuring organizations realize value from their investment and pay only for what they use.

Business Value: Why These Changes Matter

The shift in Microsoft Purview isn't just technical; it directly impacts how organizations operate, innovate, and manage risk. These updates provide leaders with the confidence to accelerate AI adoption while keeping their data estate secure and compliant.

Unlocking Safe AI Innovation

Many organizations hesitate to deploy Copilot or custom agents due to fears of data leakage. With granular controls like blocking sensitive prompts and governing AI agents, businesses can now unblock these projects. You can safely encourage innovation, knowing that "guardrails" are in place to prevent AI from accessing or leaking confidential intellectual property.

Reducing "Shadow AI" Risk

Employees often use unapproved AI tools for speed, inadvertently exposing company secrets. By extending protection to the network's edge and unmanaged apps, Purview solves the "Shadow AI" problem. It allows you to secure data without draconian blocks that hinder productivity, keeping your workforce agile but your data safe.

Operational Efficiency and Cost Savings

Security teams are often overwhelmed by alerts and manual processes. The move to automated workflows, AI-powered investigations, and outcome-based posture management drastically reduces manual overhead. Teams spend less time triaging noise and more time on strategic defense, while the new Usage Center ensures you only pay for the security capabilities you actually use.

Holistic Visibility and Trust

With the Unified Catalog and expanded sensitivity labeling, data leaders gain a single, trusted view of their entire estate from Azure to AWS and beyond. This unified visibility builds trust in data quality and governance, enabling faster, data-driven decision-making across the enterprise.

What’s Next?

If your organization is expanding its use of Copilot and AI-driven analytics, contact the consultant at Precio Fishbone to get your tailored organization's AI adoption strategy.

Free consultation