AI Governance (DSPM)
Data Security Posture Management goes GA May 2026. Surfaces AI-related data risks, leverages Security Copilot agents for triage. 99% of organizations have already had sensitive data exposure via AI tools. Visibility before breach matters.
Unified Catalog + Data Quality
Automated scanning, data quality rules in SQL expression (now GA), incremental scans, Lakehouse indicators. Error records published to cloud storage for stewards to review. Governance that's operational, not just documented.
Fabric + Lakehouse DLP
Expanded DLP coverage now reaches Fabric Lakehouse environments, not just M365. Sensitivity labels apply from OneLake through to Power BI reports and Copilot responses. One policy, enforced across the full stack.
Lineage + Audit Trail
Full lineage from source system to Power BI visual. Audit log for every data access, transformation, and report generation. Regulatory evidence ready (SOX, HIPAA, SEC) without manual documentation effort.
Domain-Based Governance
Federated model: Finance, HR, Product each own their data within centrally defined guardrails. Data products with health scores. Domain stewards with clear accountability. Governance that scales because it's distributed, not centralized.
Copilot Oversharing Remediation
Purview is now integrated into the M365 admin center. Identify oversharing risks before Copilot exposes them. DLP policies enforced on Copilot interactions. Compliance confidence before you scale AI adoption.