Control 1.6: Microsoft Purview DSPM for AI
Control ID: 1.6 Pillar: Security Regulatory Reference: FINRA Rule 3110, SEC AI priorities, GLBA 501(b), SOX 302, OCC 2011-12 Last UI Verified: February 2026 Governance Levels: Baseline / Recommended / Regulated Last Verified: 2026-02-03
Naming History
This capability was previously known as "AI Hub DSPM" before being rebranded to "Data Security Posture Management for AI (DSPM for AI)" in November 2024. As of February 2026, this experience is now referred to as "DSPM for AI (classic)" as Microsoft is developing a unified "DSPM (preview)" experience that merges DSPM and DSPM for AI into a single Purview experience with enhanced AI observability, agent risk posture assessment, and natural-language search capabilities. The portal navigation remains Purview > DSPM for AI for the classic experience.
Agent 365 Architecture Update
Agent 365 integrates with Microsoft Purview DSPM to provide security posture visibility across all agent types, extending current DSPM coverage beyond individual platforms. See Unified Agent Governance for security posture integration details.
Objective
Implement Data Security Posture Management for AI to gain comprehensive visibility into how Microsoft 365 Copilot, Copilot Studio agents, and other AI applications interact with organizational data. DSPM for AI is the central hub for AI governance, providing monitoring, policy management, risk assessment, and compliance reporting.
Why This Matters for FSI
- FINRA Rule 3110: AI supervision and monitoring - Activity explorer tracks all agent interactions
- SEC AI priorities: Transparency in AI-assisted decisions - Reports show sensitive interactions
- GLBA 501(b): Protection of customer information - Oversharing assessments identify exposure
- SOX 302: Internal controls over AI systems - Policy enforcement and audit trail
- OCC 2011-12: Model risk management - Data risk assessments for AI data exposure
Control Description
DSPM for AI provides comprehensive visibility into AI interactions across Microsoft 365 Copilot, Copilot Studio agents, and third-party AI applications. It helps organizations discover sensitive data exposure, monitor AI usage patterns, and implement protective policies.
Evolving Capability: Microsoft Purview DSPM for AI is an actively developing feature set. Monitor Microsoft Learn documentation for new capabilities and changes to existing functionality.
| Capability | Description |
|---|---|
| AI interaction monitoring | Track all Copilot and agent interactions with audit logging |
| Sensitive data detection | Identify sensitive info in AI prompts and responses |
| Recommendations | Guided security improvements with prioritized actions |
| Policy integration | Unified view of DLP, Insider Risk, Communication Compliance policies |
| Oversharing assessment | Identify and remediate data exposure risks |
| Activity explorer | Detailed interaction logs for investigation and compliance |
Security Event Consistency
DSPM Activity Explorer completeness may be affected when ingesting Defender agent activity events. Blocked prompt events from Copilot Studio agents may not consistently appear in Defender advanced hunting, which can affect the completeness of activity data surfaced in DSPM. Monitor Microsoft updates on Defender event consistency for Copilot Studio agents.
Supported AI Workloads
DSPM for AI monitors the following AI applications and workloads:
| Workload | Coverage | Notes |
|---|---|---|
| Microsoft 365 Copilot | Full | Embedded Copilot in Word, Excel, PowerPoint, Outlook, Teams |
| Copilot Studio agents | Full | Custom agents published to Microsoft 365 |
| Agent Builder agents | Full | Declarative agents created in Agent Builder |
| ChatGPT Enterprise | Extended | Requires browser extension and extended insights |
| Google Gemini | Extended | Requires browser extension and extended insights |
| Entra-registered apps with Purview SDK | Extended | Custom apps using Microsoft Purview SDK for data classification |
| Third-party AI apps | Extended | Apps integrated via Purview SDK or browser extension |
| Microsoft Foundry | Extended | Microsoft Foundry workloads registered via Purview SDK integration |
Extended Insights Configuration
To monitor third-party AI applications (ChatGPT Enterprise, Gemini, custom apps), complete the "Extended Insights" step in the DSPM for AI Get Started wizard. This requires deploying the Microsoft Purview Browser Extension to managed devices; interactions on unmanaged devices or browsers without the extension are not captured.
Weekly Risk Assessments
DSPM for AI includes automated weekly risk assessments to identify data exposure risks in SharePoint sites accessed by AI agents. These assessments provide comprehensive visibility into oversharing, sensitivity label coverage, and data access patterns.
| Feature | Status | Description | Configuration |
|---|---|---|---|
| Default Weekly Assessment | GA | Automated weekly scan of top 100 SharePoint sites | Purview > DSPM for AI > Data risk assessments |
| Custom Site Assessment | GA | On-demand assessment for specific sites | Purview > DSPM for AI > New Assessment |
| Sensitivity Label Detection | GA | Identifies unlabeled or mislabeled content in AI-accessible sites | Integrated with assessment results |
| Oversharing Detection | GA | Identifies sites with broad sharing permissions accessible by AI | Assessment > Protect tab |
| Unified DSPM Experience | Preview (GA planned June 2026) | Consolidation of DSPM and DSPM for AI into single experience (see Enhanced DSPM AI Observability subsection below) | Preview only; no GA configuration yet |
Preview: GA Planned for June 2026
The Unified DSPM experience will consolidate DSPM and DSPM for AI into a single Purview experience. It is available in preview today; the GA timeline is subject to change.
Assessment Schedule Details:
- Default Assessment: Automatically runs weekly for the top 100 SharePoint sites based on usage
- Initial delay: 4 days before first results display
- Wait time for updates: At least 48 hours after assessment completion before results refresh
- Custom assessments: Can be triggered manually for specific sites beyond top 100
Dashboard Guidance:
The DSPM for AI dashboard provides four tabs for comprehensive risk visibility:
| Tab | Purpose | Key Metrics | FSI Action |
|---|---|---|---|
| Overview | Summary insights per site/workspace | Sites scanned, sensitive items found, risk score | Weekly executive review |
| Identify | Data scanned vs. not scanned for SITs | Coverage percentage, unscanned volumes | Prioritize unscanned high-risk sites |
| Protect | Oversharing remediation options | Sites with org-wide sharing, external sharing | Remediate within zone SLA (7 days for Zone 3, 14 days for Zone 2) |
| Monitor | Sharing breakdown by access type | Specific people, external, organization-wide, group-based | Track sharing trends month-over-month |
Remediation Workflows:
When DSPM assessments identify data exposure risks, implement remediation workflows appropriate to your governance zone:
- Oversharing Remediation: Restrict broad sharing permissions on flagged sites
  - Review sites with organization-wide or external sharing in Protect tab
  - Update SharePoint site permissions to restrict access
  - Apply sharing policy restrictions at site or tenant level
  - Document remediation actions in compliance tracking system
- Label Remediation: Apply sensitivity labels to unlabeled content in AI-accessible locations
  - Review unlabeled volumes in Identify tab
  - Apply auto-labeling policies for high-volume content
  - Conduct manual labeling for sensitive content requiring review
  - Track labeling coverage improvements month-over-month
Zone-Specific Remediation SLAs:
| Zone | Remediation SLA | Escalation |
|---|---|---|
| Zone 1 | 30 days | AI Governance Lead |
| Zone 2 | 14 days | Compliance Officer |
| Zone 3 | 7 days | CISO + Compliance Officer |
Enhanced DSPM AI Observability
Preview Feature
The unified DSPM experience consolidating DSPM and DSPM for AI is in preview. GA rollout expected June 2026 (per MC1191257). Feature availability and UI may change before general availability.
The unified DSPM experience represents Microsoft's evolution toward a single pane of glass for data security posture management across all data types, including AI-specific interactions. Enhanced DSPM AI Observability capabilities provide deeper visibility into agent risk profiles, advanced activity filtering, and unified dashboards that help FSI organizations meet comprehensive monitoring requirements.
Key Characteristics:
- Consolidated Experience: Single Purview interface combining traditional DSPM (data security across all locations) with DSPM for AI (agent-specific monitoring)
- Agent Risk Observability: Per-agent risk scoring based on data sensitivity, access patterns, and policy violations
- Enhanced Activity Explorer: Improved filtering, search capabilities, and export functionality for AI-specific event investigation
- Unified Dashboard: Comprehensive data security posture view eliminating the need to navigate between separate DSPM and DSPM for AI interfaces
- Data Classification Insights: Enhanced visibility into how AI agents interact with classified data, including unlabeled content detection and sensitivity mismatch identification
FSI Use Case: Organizations subject to FINRA Rule 3110 supervision requirements benefit from centralized agent risk dashboards that surface high-risk agents immediately, enabling prioritized review workflows. The unified experience streamlines compliance reporting by consolidating AI and non-AI data security metrics into a single export.
Enhanced DSPM AI Observability Capabilities:
| Capability | Classic DSPM for AI | Unified DSPM Experience (Preview) | FSI Benefit |
|---|---|---|---|
| Agent Risk Dashboards | Basic usage metrics per agent | Per-agent risk scores with contributing factors (data sensitivity, access patterns, policy violations) | Prioritized supervision of high-risk agents for FINRA 3110 compliance |
| Activity Explorer | Standard filtering by agent, user, timeframe | Enhanced filters with advanced search, multi-dimensional correlation, improved export | Faster investigation for SEC exam responses and OCC audit trails |
| Data Classification Visibility | Sensitivity label detection in weekly assessments | Real-time classification insights showing agent interactions with labeled/unlabeled data | Proactive detection of GLBA 501(b) customer information exposure before weekly assessment cycle |
| Dashboard Experience | Separate DSPM and DSPM for AI dashboards | Single unified dashboard with drill-down from overall posture to AI-specific risks | Simplified executive reporting and reduced admin overhead |
| Remediation Workflows | Manual correlation between DSPM findings and AI activity | Integrated remediation with direct links from agent risk findings to relevant policy controls | Faster response to data exposure incidents, supporting SOX 302 internal control requirements |
Prepare Now — Pre-GA Configuration Steps:
Organizations can prepare for the unified DSPM experience migration before general availability:
- Verify Current DSPM for AI Configuration: Complete all four Get Started steps (Audit, Browser Extension, Device Onboarding, Extended Insights) to ensure baseline coverage
- Review and Remediate Findings: Address current weekly risk assessment findings and oversharing issues to establish a clean baseline before unified experience migration
- Document Activity Explorer Filters: Export current saved searches and filter configurations from classic DSPM for AI Activity Explorer for recreation in unified experience
- Enable Extended Insights for Third-Party AI: If monitoring ChatGPT Enterprise, Gemini, or other third-party AI apps, ensure extended insights are configured to maintain visibility post-migration
- Prepare for Unified Dashboard Migration: Ensure all data sources (SharePoint, OneDrive, Exchange, Teams) are connected to DSPM to enable comprehensive unified dashboard visibility
- Review Current Reporting Cadence: Document existing DSPM for AI review schedules (daily Activity Explorer checks for Zone 3, weekly report reviews for Zone 2) to maintain continuity post-migration
Regulatory Mapping: Enhanced DSPM AI Observability capabilities help support FINRA Rule 3110 supervision requirements through comprehensive AI interaction monitoring and per-agent risk scoring. The unified experience aids in meeting SEC AI priorities for transparent agent data access reporting. OCC 2011-12 model risk management benefits from continuous agent risk assessment and classification insights that detect scope drift and excessive data access patterns.
Key Configuration Points
DSPM for AI Naming Update (2025)
The original DSPM for AI capability is now labeled "DSPM for AI (classic)" in the Microsoft Purview portal. A new unified Data Security Posture Management experience is in preview, providing expanded capabilities including AI observability, data security objectives, posture reports, and the Purview Posture Agent. This control currently documents DSPM for AI (classic) capabilities. The framework will incorporate the unified DSPM experience as it reaches general availability.
- Complete all 4 Get Started steps in DSPM for AI (classic): Audit, Browser Extension, Device Onboarding, Extended Insights
- Review and implement high-priority recommendations
- Enable AI-specific DLP policies visible in DSPM for AI (classic) Policies view
- Configure Activity explorer filters for enterprise agent monitoring
- Monitor weekly risk assessment results in DSPM for AI (classic) dashboard
- Review all four dashboard tabs (Overview, Identify, Protect, Monitor) for risk insights
- Configure remediation workflows for oversharing findings
- Set up assessment notification alerts for new findings
- Run custom assessments for high-priority sites beyond top 100
- Enable Insider Risk Management for Zone 2-3 agents
- Export Activity explorer data for compliance evidence
- Monitor unified DSPM experience preview for GA migration readiness (June 2026)
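As an added example (not part of this control's playbooks or Microsoft's documentation), the following PowerShell pulls the CopilotInteraction records from the unified audit log, which is the data source Activity explorer is built on (Control 1.7), checks the Audit prerequisite first, and writes a CSV that flags interactions touching sensitivity-labeled resources for the Zone 2/3 review cadence. It assumes the ExchangeOnlineManagement module, an account holding the Audit Logs role, and the CopilotEventData field names AppHost, AccessedResources, SensitivityLabelId and ThreadId from the Copilot audit schema; confirm those against a sample record from your own tenant before relying on the output.

```powershell
# Added example, not framework code: evidence export of Copilot interactions
# from the unified audit log (the data behind DSPM for AI Activity explorer).
# Assumes ExchangeOnlineManagement and the Audit Logs role. CopilotEventData
# field names follow the Copilot audit schema; verify against a real record.
#Requires -Modules ExchangeOnlineManagement

param(
    [int]$LookbackDays = 7,   # 1 for Zone 3 daily review, 7 for Zone 2 weekly review
    [string]$OutputPath = ".\copilot-interactions-$(Get-Date -Format yyyyMMdd).csv"
)

Connect-ExchangeOnline -ShowBanner:$false

# Prerequisite (Control 1.7): DSPM for AI shows nothing unless audit ingestion is on.
$auditConfig = Get-AdminAuditLogConfig
if (-not $auditConfig.UnifiedAuditLogIngestionEnabled) {
    throw "Unified audit log ingestion is disabled; complete the 'Audit' Get Started step first."
}

$end       = Get-Date
$start     = $end.AddDays(-$LookbackDays)
$sessionId = "dspm-ai-evidence-$([guid]::NewGuid())"
$records   = @()

# Page through results: one call returns at most 5,000 records, and
# ReturnLargeSet with a fixed SessionId fetches the next page on each call.
do {
    $page = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -RecordType CopilotInteraction -SessionId $sessionId `
        -SessionCommand ReturnLargeSet -ResultSize 5000
    if ($page) { $records += $page }
} while ($page -and $page.Count -eq 5000)

# Pages can overlap; de-duplicate on the record identity before reporting.
$records = $records | Sort-Object Identity -Unique

$rows = foreach ($r in $records) {
    $data      = $r.AuditData | ConvertFrom-Json
    $resources = @($data.CopilotEventData.AccessedResources | Where-Object { $_ })
    # A SensitivityLabelId on an accessed resource means labeled content reached the prompt context.
    $labeled   = @($resources | Where-Object { $_.SensitivityLabelId })
    [pscustomobject]@{
        Time             = $r.CreationDate
        User             = $r.UserIds
        AppHost          = $data.CopilotEventData.AppHost
        ResourcesTouched = $resources.Count
        LabeledResources = $labeled.Count
        LabeledNames     = (@($labeled | ForEach-Object { $_.Name }) -join '; ')
        ThreadId         = $data.CopilotEventData.ThreadId
        RecordId         = $r.Identity
    }
}

# Highest-exposure interactions first; the CSV is the review artefact for the compliance file.
$rows | Sort-Object LabeledResources -Descending |
    Export-Csv -Path $OutputPath -NoTypeInformation

$flagged = @($rows | Where-Object { $_.LabeledResources -gt 0 }).Count
"{0} Copilot interactions in the last {1} day(s); {2} touched labeled content. Written to {3}" -f `
    $rows.Count, $LookbackDays, $flagged, $OutputPath

Disconnect-ExchangeOnline -Confirm:$false
```

Run it with `-LookbackDays 1` for the Zone 3 daily check and keep the default for the Zone 2 weekly review. The audit log, not the portal export, is the authoritative record: if the script returns interactions that do not appear in Activity explorer, treat that as the event-consistency gap described above rather than as a clean result.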
Zone-Specific Requirements
| Zone | Requirement | Rationale |
|---|---|---|
| Zone 1 (Personal) | Monthly dashboard review; basic monitoring | Low risk, reduced friction |
| Zone 2 (Team) | Weekly report review; DLP + DSPM policies enabled | Shared agents require consistent controls |
| Zone 3 (Enterprise) | Daily Activity explorer review; all policy types enabled; 6-year retention | Highest audit/regulatory risk |
Roles & Responsibilities
| Role | Responsibility |
|---|---|
| Purview Compliance Admin | Full DSPM access; configuration and setup |
| Entra Security Admin | View reports and policies; Defender XDR integration with DSPM for AI observability data |
| Insider Risk Management Admin | IRM integration and risk monitoring |
| AI Governance Lead | Overall AI governance strategy |
| AI Administrator | Delegated management of AI-related DSPM settings and Copilot configuration |
Related Controls
| Control | Relationship |
|---|---|
| 1.5 - DLP and Sensitivity Labels | Data protection policies integrated in DSPM |
| 1.7 - Audit Logging | Required dependency; provides activity data |
| 1.8 - Runtime Protection and External Threat Detection | Defender for Cloud Apps agent activity events flow to DSPM Activity Explorer |
| 1.10 - Communication Compliance | Content monitoring integration |
| 1.12 - Insider Risk Detection | Risk management integration |
Implementation Playbooks
Step-by-Step Implementation
This control has detailed playbooks for implementation, automation, testing, and troubleshooting:
- Portal Walkthrough — Step-by-step portal configuration
- PowerShell Setup — Automation scripts
- Verification & Testing — Test cases and evidence collection
- Troubleshooting — Common issues and resolutions
Verification Criteria
Confirm control effectiveness by verifying:
- DSPM for AI is accessible in Purview portal
- All 4 Get Started steps show completed
- Recommendations are tracked with completion status
- Reports show AI interaction data with sensitive info detection
- Activity explorer logs AI interactions with export capability
- Weekly risk assessments are running and producing results
- Dashboard tabs (Overview, Identify, Protect, Monitor) display current data
- Oversharing remediation actions are tracked and completed within SLA
- Data risk assessments can run and identify overshared items
Additional Resources
- Microsoft Learn: DSPM for AI Overview
- Microsoft Learn: DSPM for AI Considerations
- Microsoft Learn: Activity Explorer
- Microsoft Learn: Insider Risk Management
- Microsoft Learn: Purview Audit
Agent Essentials (Preview)
Note: The following resources are preview documentation and may change.
- Microsoft Learn: Agent Deployment Checklist (Preview) - Category 7 data security requirements align with DSPM policies
Agent 365 Blueprint Data Governance (Preview)
Note: The following guidance applies to Blueprint-registered agents using the Agent 365 SDK.
DSPM for AI provides enhanced visibility into Agent 365 Blueprint-registered agents through integration with the Observability SDK. This enables comprehensive data governance across the agent lifecycle.
Blueprint → DSPM Data Flow:
- Agent 365 SDK → Observability SDK → Application Insights → DSPM Activity Explorer
- Blueprint metadata (data sources, permissions) enters the flow at registration through the Agent 365 SDK
- Prompt/response telemetry (sensitive data detection) is captured by the Observability SDK and surfaced in Activity Explorer
| DSPM Capability | Agent 365 Integration | FSI Benefit |
|---|---|---|
| Activity Explorer | Ingests Agent 365 telemetry via Observability SDK | Complete audit trail of agent interactions |
| Oversharing Assessment | Evaluates Blueprint-declared data sources | Identifies excessive data access at registration |
| Sensitive Data Detection | Analyzes SDK-captured prompts/responses | Detects NPI exposure in agent conversations |
| Policy Recommendations | Includes Agent 365-specific guidance | Tailored DLP/IRM recommendations for agents |
Blueprint-Specific Data Classification Requirements:
- Data Source Declaration - Blueprint registration requires explicit declaration of data sources
- Permission Scope Validation - DSPM evaluates whether declared permissions match data sensitivity
- Runtime Monitoring - Observability SDK telemetry feeds DSPM for continuous data access monitoring
Configuration for Agent 365:
- Enable DSPM for AI extended insights (Get Started > Extended Insights)
- Configure Application Insights integration for Agent 365 SDK agents
- Create Activity Explorer filter for `ApplicationId` matching Agent 365 workloads
- Run oversharing assessment including Blueprint-registered agent data sources
- Review recommendations for Agent 365-specific data protection policies
Zone-Specific DSPM Requirements for Agent 365:
| Zone | Requirement |
|---|---|
| Zone 1 | DSPM monitoring optional for personal agents |
| Zone 2 | DSPM Activity Explorer review weekly; Blueprint data source validation |
| Zone 3 | Daily DSPM review required; Oversharing assessment before Blueprint promotion |
For DLP policy configuration specific to Agent 365, see Control 1.5 - DLP and Sensitivity Labels.
Updated: February 2026 | Version: v1.3 | UI Verification Status: Current