Entra ID

Microsoft Purview and Entra Add Real-Time AI DLP

2 min read

Summary

Microsoft has announced a public preview that extends data protection to the network layer using Microsoft Purview and Microsoft Entra. The integration helps organizations detect and block sensitive data moving to unmanaged SaaS, personal cloud storage, and generative AI apps in real time, reducing data leakage risk before exposure occurs.

Need help with Entra ID?Talk to an Expert

Introduction

Microsoft is expanding data protection beyond endpoints and managed apps as sensitive information increasingly moves through SaaS platforms, personal cloud storage, and generative AI tools. For IT and security teams, this matters because traditional DLP often detects issues only after data has already left the organization.

What’s new

Microsoft has announced a public preview of network-layer data security powered by Microsoft Purview and Microsoft Entra.

Key capabilities include:

  • Real-time detection and enforcement for sensitive data in transit
  • Visibility into data shared with shadow AI tools, unmanaged SaaS apps, and personal cloud repositories
  • The ability to block or limit exposure based on identity, user activity, and data sensitivity
  • Correlated investigation workflows across Microsoft Purview, Microsoft Entra, and Microsoft Defender
  • A unified policy model so Purview classification and DLP policies can also be enforced at the network layer through Entra

Microsoft says this approach helps protect data across browser sessions, SaaS usage, and AI interactions, including prompts, responses, and file uploads.

Why it matters for administrators

This update gives security teams more control over scenarios that have been difficult to govern with traditional tools. Examples include:

  • Users pasting confidential data into consumer AI apps
  • Uploading work files to personal cloud storage
  • Sharing content through unmanaged webmail or SaaS apps
  • Data exposure through unsanctioned plugins or add-ins

Because enforcement is identity-aware, policies can adapt to the user and their risk context instead of applying the same restriction to everyone. That can improve protection without adding unnecessary friction for end users.

Licensing and availability

The capability is available in public preview. Microsoft notes that network data security is included in Microsoft 365 E7 and is also available for customers with Purview ME5 (or equivalent) plus Entra Internet Access (or equivalent).

Next steps

Admins should review existing Purview classifications and DLP policies to determine whether they are ready for network-layer enforcement. It’s also a good time to identify unmanaged AI and SaaS usage patterns, assess licensing requirements, and evaluate the preview in a controlled rollout.

Organizations adopting AI at scale should pay close attention here: Microsoft is positioning this as a key step toward protecting sensitive data before it leaves the business, not after.

Need help with Entra ID?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Microsoft EntraMicrosoft PurviewDLPAI securitySaaS security

Related Posts

Entra ID

Entra PIM Custom Extensions Preview for Role Activation

Microsoft has introduced preview support for custom extensions in Microsoft Entra Privileged Identity Management, allowing organizations to call a REST API during role activation to enforce business-specific rules. This helps IT teams automate checks such as ticket validation, HR status, compliance gates, and on-call logic while improving auditability and reducing manual approval gaps.

Entra ID

Microsoft Entra Backup and Recovery GA Now Available

Microsoft Entra Backup and Recovery is now generally available for customers with Entra ID P1 or P2, bringing built-in recovery for critical identity objects across workforce tenants. The release extends retention from 5 to 7 days and adds more flexibility for snapshots, difference reports, and recovery jobs, helping IT teams respond faster to accidental or malicious changes.

Entra ID

Microsoft Entra AI Security Webinar Series Announced

Microsoft has launched a three-part Microsoft Entra and Purview webinar series focused on securing AI at scale. The sessions cover identity, access, data protection, browser and network controls, and governance for AI agents, giving IT teams practical guidance for safer AI adoption.

Entra ID

Azure AD B2C Migration Tools Now Available

Microsoft has released generally available migration tools and guidance to help Azure AD B2C customers move to Microsoft Entra External ID. With Azure AD B2C no longer receiving new features, these new options give IT teams a clearer path to modernize customer identity while reducing migration risk.

Entra ID

Microsoft Entra ID Security Updates: Key 2026 Changes

Microsoft is making three important Microsoft Entra ID security changes in 2026: retiring Custom controls in favor of External MFA, enforcing Conditional Access more consistently during credential registration, and requiring explicitly registered authentication methods for SSPR. These updates matter because they close policy enforcement gaps, improve identity security, and require admins to review configurations before enforcement deadlines arrive.

Entra ID

Global Secure Access Operations Guide Now Available

Microsoft has published a new Microsoft Entra Global Secure Access operations guide on Microsoft Learn to help teams manage day 2 operations after deployment. The guide provides prescriptive monitoring, health checks, role assignments, templates, and automation guidance so IT teams can run Global Secure Access more consistently and proactively.