Forum Discussion

underQualifried's avatar
underQualifried
Iron Contributor
May 20, 2026

I just want to secure AI. DLP vs Info Protection vs DSPM vs Governance vs...

I'm with an MSP, and I've avoided Purview like the plague, because it seems to be suffering from the same 'made by marketing teams' 'strategy' the 365 documentation is. However, it's my understanding Purview policies are needed for Data control of Copilot. 

Here's my issue: all of these different 'solutions' sound like the exact same thing, but are pitched as if they are something different. i'm going to post a couple of descriptions for these 'solutions' to illustrate this. 

'discover, label, and protect sensitive and business-critical info'
'make sure your organization can identify, monitor, and protect sensitive info across the expanding Microsoft 365 landscape'
'discover and secure all your sensitive data across Microsoft 365 and non-365 data sources'
'Discover, label, and protect sensitive and business-critical info across your multicloud data estate.'

I genuinely do not have time to figure out what each of these 'solutions' are, then figure out their policies, then their giant library of settings (below)... It's  not even clear to me what's active NOW, considering we never licensed Purview - but somehow have been roped into it. It SEEMS like these are all variations of marketing terms, which all point to 3-4 actual technical implementations in obscure ways. 

Can someone advise on the ACTUAL technical policies we want to target and enable? Or just give some clarity? I've never felt so overwhelmed or disconnected from Microsoft's environment. We just want to secure our tenant's AI usage. 



ai
copilot
Information Protection
microsoft purview

2 Replies

  • underQualifried's avatar
    underQualifried
    Iron Contributor
    May 20, 2026

    "helps you discover and classify sensitive data, apply consistent protections, and reduce the risk of data loss across ‎Microsoft 365‎" 

    ^^^ description for a solution that is NOT Data Loss Protection. 

    • nikkichapple's avatar
      nikkichapple
      MVP
      May 20, 2026

      Microsoft Purview can feel complex.

      If you are looking at controls to minimise oversharing with Microsoft 365 Copilot and Copilot Chat then it depends on what licensing you have. Note that this applies to the enterprise versions, not the consumer Copilot.

      The options are:

      Available for all licences:

      1. Block content with sensitive data being shared with Copilot. Sensitive data is either the 

        out-of-the-box Sensitive Information Types Microsoft has defined, such as IT credentials, credit card data, etc., or your own custom SIT. 

      If you have E5 compliance or the Purview add-on for Business Premium, then you get additional functionality

      1. Block content labels with Purview sensitivity labels being uploaded or referenced by Copilot
      2. Block sensitive content based on SITs or labelled content being shared with third-party or consumer Gen AI apps in the browser

       

      I have just written a blog on How to Deploy Microsoft Purview DLP for Copilot and Generative AI Deploy Microsoft Purview DLP for Copilot Security  

       

      Microsoft references

      Learn about the default DLP policy for Microsoft 365 Copilot location | Microsoft Learn (available with all licences

      https://learn.microsoft.com/en-us/purview/dlp-microsoft365-copilot-location-learn-about 

       

      Reach out if you need more information