Purview eDiscovery Simplifies Content Searches in February 2026
As part of the modernization of the Purview eDiscovery solution, Microsoft will simplify the content searches UX in February 2026 to remove features that are inappropriate for the way that content searches are intended to be used. The change is logical and reasonable because you should use a full eDiscovery case to access all the eDiscovery functionality. https://office365itpros.com/2026/01/15/content-searches-change/Priority Cleanup for SharePoint Online and OneDrive for Business Is Generally Available
Priority cleanup is a Microsoft Purview solution that allows tenants to remove items even when the items are subject to retention hold. That sounds like Priority cleanup goes against the nature of data governance, but sometimes it's more important to remove items than to keep them for their full retention period. This article explains how Priority Cleanup works and some of the important concepts that you need to master before removing anything. https://practical365.com/priority-cleanup-for-sharepoint/A Quick Look at Purview Data Security Investigations
During the quiet holiday period, I tested the new Purview Data Security Investigations (DSI) solution, which seems to be put together from bits of Microsoft 365 together with Security Copilot and some generative AI. Assembling new solutions from existing components makes sense because it reduces engineering effort. Without real data, it's hard to know how effective DSI is, but the cost of an investigation came as a real surprise. https://office365itpros.com/2026/01/06/data-security-investigation/Modernizing Sensitivity Label Grouping for App Display
Microsoft announced the modernization of grouping for sensitivity labels to a new “dynamic architecture.” It doesn’t take much to be more dynamic than the previous parent-child arrangement. Even if the announcement is a tad overhyped, it’s still goodness because administrators can now move labels between label groups in a way that wasn’t possible before. The new way of displaying labels should be everywhere in December 2025. https://office365itpros.com/2025/10/29/sensitivity-labels-groups/External people can't open files with Sensitivity Label encryption.
Question: What are the best practices for ensuring external users can open files encrypted with Sensitivity Labels? Hi all. I've been investigating proper setup of sensitivity labels in Purview, and the impact on user experience. The prerequisites are simple enough, creating and configuring the labels reasonably straightforward, and publishing them is a breeze. But using them appears to be a different matter! Everything is fine for labels that don't apply encryption (control access) or when used internally. However, the problems come when labels do apply encryption and information is sent externally. The result is that we apply a label to a document, attach that document to an email, and send it externally - and the recipient says they can't open it and they get an error that their email address is not in our directory. This is because due to the encryption, the external user needs to authenticate back to our tenant, and if they're not in our tenant they obviously can't do this so the files won't open. So, back to the question above. What's the easiest / most secure / best way to add any user we might share encrypted content with to our tenant. As I see it we have the following options: Users have to request Admins add the user as a Guest in our tenant before they send the content. Let's face it, they'll not do this and/or get frustrated. Users share encrypted content directly from SharePoint / OneDrive, rather than attaching it to emails (as that would automatically add the external person as a Guest in the tenant). This will be fine in some circumstances, but won't always be appropriate (when you want to send them a point-in-time version of a doc). With good SharePoint setup, site Owners would also have to approve the share before it gets sent which could delay things. Admins add all possible domains that encrypted content might be shared with to Entra B2B Direct Connect (so the external recipient doesn't have to be our tenant). This may not be practical as you often don't know who you'll need to share with and we work with hundreds of organisations. The bigger gotcha is that the external organisation would also have to configure Entra B2B Direct Connect. Admins default Entra B2B Direct Connect to 'Allow All'. This opens up a significant attack surface and also still requires any external organisation to configure Entra B2B Direct Connect as well. I really want to make this work, but it need to be as simple as possible for the end users sharing sensitive or confidential content. And all of the above options seem to have significant down-sides. I'm really hoping someone who uses Sensitivity Labels on a day-to-day basis can provide some help or advice to share their experiences. Thanks, Oz.Purview Priority Cleanup Expands to SharePoint and OneDrive
Purview Priority Cleanup is growing its capabilities to be able to process files stored in SharePoint Online and OneDrive for Business. Public preview begins in mid-August, and the solution should be generally available at the end of September 2025. Removing files without regard for retention holds is much more complicated than removing mailbox items. The question is who needs this feature and how will it be used? https://office365itpros.com/2025/08/13/priority-cleanup-spo-od4b/Microsoft Purview Data Security Posture Management (DSPM) for AI
Now with Microsoft Copilot in Fabric and Microsoft Security Copilot Integration In today’s data-driven world, organizations are racing to adopt AI-powered solutions like Microsoft Copilot in Fabric and Microsoft Security Copilot. While these tools dramatically increase productivity and decision-making capabilities, they also introduce new layers of complexity in securing sensitive data across platforms. To help organizations address these challenges, Microsoft Purview’s Data Security Posture Management (DSPM) is evolving—and now includes support for Microsoft Copilot in Fabric and Microsoft Security Copilot. https://dellenny.com/microsoft-purview-data-security-posture-management-dspm-for-ai/Navigating Compliance with Confidence A Deep Dive into Microsoft Purview Compliance Portal
In today’s evolving digital landscape, organizations face increasing regulatory pressure to secure sensitive data, manage risk, and ensure compliance. Microsoft has stepped up to this challenge with Microsoft Purview, a comprehensive suite for data governance and compliance. At the heart of this suite lies the Microsoft Purview Compliance Portal, a centralized hub that empowers organizations to manage compliance across their Microsoft 365 environment with clarity and confidence. https://dellenny.com/navigating-compliance-with-confidence-a-deep-dive-into-microsoft-purview-compliance-portal/
Purview and auditing file modifications
I have full M365 E5 license and use Purview auditing a lot for investigations. I noticed is reports file modified which is create but some of my files would get modified constantly. I'm curious if it can log and provide a report on what exactly was modified. For example: If text was added or deleted, can it tell me what was added or deleted i.e. the actual text and the action (Add\Delete) If an image was pasted into a word document, can it tell me that? If possible, down to a copy of the image that was inserted? If it can't do this level of detail anyone have suggestions of a product that can?
Compliance search is not returning any data (Powershell)
At our organization, we have an SOP for purging phishing emails from all mailboxes. Part of that is creating a search and then examining it for any legit emails before going on to the purge step. The commands below are no longer returning any data, and they used to work. What has changed? PS C:\Windows\system32> Connect-IPPSSession -UserPrincipalName email address removed for privacy reasons PS C:\Windows\system32> New-ComplianceSearch -Name "Broken" -ExchangeLocation All -ContentMatchQuery 'Subject:"invoice"' Name RunBy JobEndTime Status ---- ----- ---------- ------ Broken NotStarted PS C:\Windows\system32> Start-compliancesearch -identity "broken" PS C:\Windows\system32> Get-compliancesearch -identity "broken" Name RunBy JobEndTime Status ---- ----- ---------- ------ Broken admin 7/14/2025 8:17:09 PM Completed PS C:\Windows\system32> Get-ComplianceSearch -Identity "broken" | >> Select-Object Name, Status, ItemsFound, Size, CreatedBy, CreatedTime | >> Export-Csv -Path "C:\filename.csv" -NoTypeInformation The resultant .csv has only the headers, but no information about emails, so any purge commands have nothing to purge. Thank you
