A few days ago Microsoft announced several new features regarding its generative artificial intelligence tools for enterprises and some of them refer to Microsoft Purview.
Many organizations have implemented or are thinking of implementing an AI strategy, but they face major security, compliance and data privacy challenges that, if not addressed in a convenient way, can slow down that development.
This is why Microsoft Purview was born. This tool from the Redmond company is designed to make it easier for organizations to govern, protect and comprehensively manage their entire data estate.
In November the firm led by Satya Nadella announced a private preview in its Microsoft Purview AI Hub. With it, enterprises can automatically and continuously discover data security risks in Microsoft Copilot for Microsoft 365 and provide organizations with an aggregated view of the total prompts being sent to Copilot and the sensitive information included in the prompts.
In addition, organizations can see an aggregated view of the number of users interacting with Copilot and their associated risk level: high, medium or low. In addition, Microsoft has been extending those capabilities to be able to do something similar for more than a hundred of the most widely used consumer generative AI applications, such as ChatGPT, Bard, Dall-e and others.
With Pureview's AI Hub, administrators with the right permissions can drill down to understand activity and access details, such as time of activity, policy name or sensitive information included in the A message.
This AI hub or hub has been built by Microsoft prioritizing privacy, so there are different access controls depending on each role.
Some Microsoft Purview applications
Since a few months ago there is an application called Microsoft Purview Data Loss Prevention that can prevent users from pasting sensitive data into AI generative messages in the public preview when accessed through supported web browsers.
Since November there is also Adaptive Protection to make those policies dynamic, preventing high-risk users from interacting with sensitive data in AI prompts, while low-risk users can still maintain productivity.
Other features of this software include:
- Microsoft Purview Audit: Allows you to be able to audit and understand when a user requests assistance from Copilot and what assets are affected in the response.
- Microsoft Purview eDiscovery: Enables organizations to have visibility and control over the data that Copilot interacts with and to be able to identify, preserve, collect, review interactions and export them for legal or regulatory purposes.
- Microsoft Purview Data Lifecycle Management: Gives organizations the flexibility to decide for themselves how to manage promptness and response data.
- Microsoft Purview Communications Compliance: This capability enables investigators with appropriate permissions to identify potential regulatory or business compliance risks and violations.
What's New in Microsoft Purview
In its latest update Microsoft has been empowered with new insights, including visibility into untagged data and SharePoint sites referenced by Copilot for Microsoft 365. This helps you prioritize the risks to your most critical data and avoid potential oversharing of sensitive data.
On the other hand, AI hub will also provide insights into non-compliant uses to uncover unethical uses in AI interactions that may violate code of conduct or regulatory requirements and involve hate, employment discrimination, money laundering, etc.
Microsoft has announced four new Microsoft Purview Compliance Manager assessment templates to help organizations comply with, among other things, the new EU AI law. In addition, NIST AI RMF, ISO/IEC 23894:2023 and ISO/IEC. 42001. Each assessment provides control guidance and recommended actions.
Microsoft Purview A Hub has been available as a public preview version for customers since May 6. Users who so desire can enjoy a 1-month free trial.