sensitive information types

6 Topics

How to identify users handling SITs before purchasing Microsoft Purview licenses?
Posting this on behalf of a customer we are currently advising as a Microsoft Partner. The customer is in the evaluation stage of Microsoft Purview and has raised a licensing concern that we would like the community's guidance on. CUSTOMER'S CONCERN Purview licenses are user-based, meaning every user who directly or indirectly benefits from the service needs to be licensed. However, to determine which users actually handle sensitive data (and therefore require a license), tools like Content Explorer and Activity Explorer are needed — both of which require an E5 or equivalent license to access in the first place. This creates a chicken-and-egg problem for the customer: They need Purview to identify who handles sensitive data, but they need to know who handles sensitive data to decide how many Purview licenses to buy. QUESTIONS ON BEHALF OF THE CUSTOMER 1. Is there an official Microsoft-supported mechanism or tool that allows customers to assess their SIT exposure and identify affected users before committing to a full Purview license purchase? 2. Is it viable for the customer to purchase a single license (1 qty) assigned to an admin account to perform a tenant-wide scoping and discovery exercise — and would that single license provide sufficient access to identify all users handling SITs across the tenant? 3. If the 90-day Purview E5 trial is the recommended path, does Content Explorer automatically scan and surface SIT matches across all users in the tenant without requiring any pre-configured DLP policies or sensitivity labels to be set up first? As a partner, we want to ensure we are guiding our customer toward the correct pre-purchase assessment approach before recommending a licensing SKU and quantity. Any guidance from the community or Microsoft would be greatly appreciated.
Solved
elangamban
Apr 20, 2026 Place Microsoft Purview
53Views
0likes
2Comments
Microsoft Default Credit Card Number is not working effectively.
Hi All, I just observe that Microsoft default SIT for Credit Card is detecting more False Positives, it is detecting the 16 digit transaction numbers, tracking ID's, Receipt numbers and even Microsoft support ticket numbers also detecting as Credit Card Numbers. how can we finetune the Microsoft Default SIT to make sure it should detect only valid Credit Card Numbers.
harish93
Nov 04, 2025 Place Microsoft Purview
206Views
0likes
2Comments
Disease Sensitive Information Type Unusable (SIT) in MI, Need Term Exclusions
My organization is based in Michigan and MI is being flagged in both All Medical Terms and Conditions as well as Diseases (since the former contains the latter). I assume it is associating MI with the abbreviation for myocardial infarction. The majority of our documents have the MI state abbreviation. Diseases is a very important SIT to us since we are a public health organization. It catches a lot of terms that are not found by the ICD-9 and ICD-10 SIT dictionaries. I cannot copy the Disease SIT within Purview to create my own (the option is greyed out since it is an "enhanced classifier" and I haven't been able to access it or export via PowerShell. I have tried creating a custom sensitive info type and Diseases is not an available option to use as a foundation. I would assume it could be found in the Keyword List or Dictionary options, but it isn't present. I really don't have a good starting point for creating my own version of Diseases. Any suggestions would be greatly appreciated. Ideally Purview would allow organizations to use its curated list of SIT options and over-ride them within the SIT or as each SIT is applied within a policy. That way the SIT would be kept current by Microsoft and the exceptions could be applied independently. Updates to the SIT dictionary would then have less impact vs. missing updates by creating a copy for your organization.
cjbethea
Aug 27, 2024 Place Microsoft Purview
236Views
0likes
0Comments
Can I block upload of data based on DLP Policy and/or Sensitivity Label?
Hi everyone, Is there a way to block users from uploading files to the cloud that are identified as Sensitive Information Type/DLP or marked with a Sensitivity Label (SL) via OneDrive Sync and Teams (Windows app)? I know you can block the web version of Teams through Defender for Cloud, but that is not enough. This is because some customers don't want their data to be sent or stored in the cloud. This means that the data needs to be blocked before it reaches the cloud. Users' devices are all managed by Intune and use M365 Apps for Enterprise. Only certain customer data must not be uploaded to the cloud, so we want to use SIT/DLP and SL to identify the data. The solution can be a third party agent/app that needs to be installed on the device. Thanks in advance.
Solved
CSI90
Nov 15, 2023 Place Microsoft Purview
16KViews
1like
3Comments
Export Microsoft Purview SIT results
Hello there! Some time ago, I introduced my partner to Microsoft Purview's sensitive information types. We have been working hard to refine its results by double-checking the false positives. I am now seeking a way to export the results, specifically the number of sensitive information types found per Microsoft Teams, SharePoint, and other platforms. Is there an easy way to do this? While I am able to make an export within the Purview Center, it is very basic and requires me to stitch Excel sheets together. Could someone point me towards useful documentation/ information? Thank you in advance for your help!
Ihab-khiri
Sep 20, 2023 Place Microsoft Purview
1.2KViews
1like
1Comment
Built-in SSN sensitive info type - excluded values
Does Microsoft's built-in SSN sensitive info type exclude any values by default or do we need to customize it to remove potential false positives for scenarios like the following: SSNs beginning with the number "666" in positions 1-3 SSNs beginning with the number "9" SSNs beginning with the number "000" in positions 1-3 SSNs with the numbers "00" in positions 4-5 SSNs with the number "0000" in positions 6-9 SSNs with repeating values. All 1's, 2's, 3's, etc. SSNs in a predictable sequence; 123456789 or 987654321
simpkinspete
Mar 01, 2023 Place Microsoft Purview
754Views
0likes
0Comments