Microsoft Purview Endpoint Data Loss Prevention is expanding coverage to Copilot+ PCs, enabling policy enforcement over Recall snapshots to prevent the capture of windows containing restricted sensitivity labels or sensitive information types. Purview admins can author custom Endpoint DLP policies that integrate directly with Windows Recall setup managed by Intune admins, giving organizations control over what Recall is permitted to capture on Copilot+ devices. For GCC High environments where data exposure risks require proactive enforcement — not just monitoring — this update closes a meaningful gap in endpoint protection as AI-powered PC features become more prevalent. The feature is currently in development and expected to begin rolling out in May 2026.

Microsoft Purview is expanding its presence in the Microsoft Admin Center, giving AI and IT admins direct visibility into oversharing risks and the ability to drive remediations without leaving the admin console. Admins can also assess how much of their sensitive Copilot interactions are protected and enable Purview Data Loss Prevention for Microsoft 365 Copilot from a single location. This update lowers the barrier to securing Copilot adoption by surfacing critical governance controls where admins are already working. The feature is currently in development and expected to begin rolling out in September 2026.

Microsoft Purview is expanding its presence in the Microsoft Admin Center, giving AI and IT admins direct visibility into oversharing risks and the ability to drive remediations without leaving the admin console. Admins can also assess how much of their sensitive Copilot interactions are protected and enable Purview Data Loss Prevention for Microsoft 365 Copilot from a single location. This update lowers the barrier to securing Copilot adoption by surfacing critical governance controls where admins are already working. The feature is currently in development and expected to begin rolling out in September 2026.

Microsoft Purview is expanding Endpoint Data Loss Prevention capabilities on Mac devices by increasing supported file types from approximately 40 to more than 100. This update brings endpoint coverage in line with protections already available across Exchange, SharePoint, and OneDrive, helping organizations eliminate gaps in sensitive data detection. Additional enhancements include improved detection of sensitivity labels, metadata-based classification, and support for formats such as PDF files. By extending DLP visibility and enforcement across a broader range of content, this update helps organizations reduce the risk of undetected data exposure and strengthen overall compliance posture. The feature is currently in development and expected to begin rolling out in April 2026.

Microsoft is introducing a new SharePoint admin policy that allows organizations to automatically expire “People in your organization” sharing links after a defined period. Administrators can configure expiration timelines—such as 30 days, 90 days, or a custom duration—to ensure internal sharing links do not remain active indefinitely. This update helps organizations strengthen data governance by reducing the risk of unintended long-term access to shared content, supporting better control over internal data exposure across SharePoint and OneDrive environments. The feature is rolling out beginning March 2026 for GCC High and DoD environments.

Microsoft Purview is expanding Data Security Posture Management (DSPM) capabilities with new item-level investigation and remediation tools for SharePoint data risk assessments. Administrators will gain deeper visibility into potentially overshared content through insights such as sensitivity labels and sharing link details. From the same interface, organizations will be able to take direct remediation actions, including notifying users, applying sensitivity labels, or removing sharing links for specific items. This update helps security and compliance teams quickly reduce data exposure, strengthen governance controls, and ensure sensitive information remains accessible only to the appropriate users. The feature is currently in development and expected to arrive in April 2026 for GCC and GCC High environments.

Microsoft is introducing recommended threshold guidance within the Insider Risk Management policy wizard in the Microsoft Purview compliance portal. Administrators will be able to receive tailored threshold recommendations for built-in insider risk indicators, helping organizations fine-tune policies and generate a more effective volume of alerts. By guiding administrators toward balanced alert thresholds, the update helps reduce noise while improving the detection of potential insider risks such as data leakage, IP theft, and policy violations. The feature is currently in development and expected to arrive in March 2026 across GCC and GCC High environments.

Microsoft Purview is enhancing Activity Explorer to provide greater visibility into sensitive data flagged in Exchange Online. With this update, administrators will be able to preview email attachments directly within Activity Explorer without needing to download the message. Previously, only the email body was viewable, limiting insight into the full scope of flagged content. This improvement allows compliance and security teams to investigate potential data exposure more quickly while keeping sensitive content within governed review workflows. The feature has launched for GCC and GCC High environments.

Microsoft Places is expanding support to GCC High and DoD environments, bringing its AI-powered workplace coordination capabilities into secure government clouds. Microsoft Places helps organizations plan and optimize in-person collaboration by connecting people, space, and schedules more effectively. With this expansion, regulated tenants gain access to modern workplace planning tools while maintaining the security and compliance standards required in GCC High and DoD environments. The feature is currently in development and is expected to begin rolling out in March 2026.

Microsoft Purview Insider Risk Management is introducing the ability to preview content directly within Insider Risk Management alerts, eliminating the need to create a case before reviewing referenced files. Administrators with appropriate permissions will be able to preview relevant content directly within Activity Explorer as part of the alert investigation workflow. This enhancement reduces investigative friction, accelerates triage, and keeps review processes contained within governed security tooling. The feature is currently in development with expected availability beginning June 2026 for GCC High and DoD environments.