Microsoft 365 Copilot is expanding declarative agent capabilities to GCC High and DoD environments, enabling agents to move beyond question-answering into direct task execution. Using API plugins, MCP tools, and enterprise connectors, declarative agents can invoke external systems, create records, submit requests, and trigger business processes within a single conversational flow. The Copilot platform dynamically reasons over available actions and selects the appropriate tool to fulfill user intent — enabling multi-step workflows without leaving the chat experience. The feature is currently in development and expected to begin rolling out in June 2026.

Microsoft Purview Insider Risk Management now allows investigators to create cases without immediately downloading content, removing a bottleneck that previously tied case creation to content availability. A new active case limit of 2,000 gives compliance teams significantly more capacity to triage and track potential insider risk events — particularly useful when content download is unnecessary or when teams need to preserve case records while managing download limits. Content download can be initiated at any point while a case remains active, keeping investigations flexible without sacrificing thoroughness. The feature is currently rolling out for GCC High environments.

Microsoft Purview is expanding Data Loss Prevention enforcement to Microsoft 365 Copilot in government cloud environments, enabling real-time controls that prevent Copilot and agents from returning responses when prompts contain sensitive data. When a prompt triggers a DLP policy, Copilot is blocked from using that sensitive data for grounding in Microsoft 365 or the web — stopping potential data leakage at the point of interaction rather than after the fact. This capability extends to Microsoft 365 Copilot and agents built in Copilot Studio published to Microsoft 365 Copilot, giving GCC High organizations enforceable guardrails as Copilot adoption expands into regulated workflows. The feature is currently in development and expected to begin rolling out in June 2026.

Microsoft Purview is expanding sensitivity label enforcement in Word, Excel, and PowerPoint to block all connected experiences that analyze content — closing a gap where previously only a subset of these experiences were restricted. When the “Prevent some connected experiences that analyze content” label setting is applied, files are now prevented from being sent to any Microsoft connected experience for analysis, giving organizations stronger and more consistent control over how labeled content is processed. For GCC High environments where data boundary enforcement is a compliance requirement, this update ensures sensitivity label policy intent is fully honored across the Office application suite. The feature is currently in development and expected to begin rolling out in June 2026.

Microsoft Purview Data Risk Assessments now support item-level investigation and remediation of SharePoint data, giving admins direct visibility into which items are at risk of oversharing alongside sensitivity label and sharing link details. From a single interface, admins can resolve overshared items, notify stakeholders, apply sensitivity labels, or remove sharing links for selected content — moving from insight to enforcement without leaving Purview. For GCC High environments where ensuring sensitive data is accessible only to authorized users is a compliance requirement, this update closes the gap between identifying exposure and acting on it. This feature is currently rolling out and expected to complete in April 2026.

Microsoft Purview is introducing a major evolution of Data Security Posture Management, delivering a unified experience that brings together visibility and control across both traditional data environments and AI-driven workflows. The new DSPM experience features outcome-based guided workflows that help security teams prioritize risks and move faster from insight to remediation, with Security Copilot agents available to automate tasks like triage and policy management. Coverage now extends beyond Microsoft data with third-party signals from partners including BigID, Cyera, OneTrust, and Varonis — giving teams a single view of sensitive data across clouds and platforms. Additional enhancements include AI observability, Data Risk Assessments extended to Microsoft Fabric, and bulk remediation of overshared SharePoint links. The feature is currently in development and expected to begin rolling out in July 2026.

Microsoft Purview Endpoint Data Loss Prevention is expanding coverage to Copilot+ PCs, enabling policy enforcement over Recall snapshots to prevent the capture of windows containing restricted sensitivity labels or sensitive information types. Purview admins can author custom Endpoint DLP policies that integrate directly with Windows Recall setup managed by Intune admins, giving organizations control over what Recall is permitted to capture on Copilot+ devices. For GCC High environments where data exposure risks require proactive enforcement — not just monitoring — this update closes a meaningful gap in endpoint protection as AI-powered PC features become more prevalent. The feature is currently in development and expected to begin rolling out in May 2026.

Microsoft Purview is expanding its presence in the Microsoft Admin Center, giving AI and IT admins direct visibility into oversharing risks and the ability to drive remediations without leaving the admin console. Admins can also assess how much of their sensitive Copilot interactions are protected and enable Purview Data Loss Prevention for Microsoft 365 Copilot from a single location. This update lowers the barrier to securing Copilot adoption by surfacing critical governance controls where admins are already working. The feature is currently in development and expected to begin rolling out in September 2026.

Microsoft Purview is expanding its presence in the Microsoft Admin Center, giving AI and IT admins direct visibility into oversharing risks and the ability to drive remediations without leaving the admin console. Admins can also assess how much of their sensitive Copilot interactions are protected and enable Purview Data Loss Prevention for Microsoft 365 Copilot from a single location. This update lowers the barrier to securing Copilot adoption by surfacing critical governance controls where admins are already working. The feature is currently in development and expected to begin rolling out in September 2026.

Microsoft Purview is expanding Endpoint Data Loss Prevention capabilities on Mac devices by increasing supported file types from approximately 40 to more than 100. This update brings endpoint coverage in line with protections already available across Exchange, SharePoint, and OneDrive, helping organizations eliminate gaps in sensitive data detection. Additional enhancements include improved detection of sensitivity labels, metadata-based classification, and support for formats such as PDF files. By extending DLP visibility and enforcement across a broader range of content, this update helps organizations reduce the risk of undetected data exposure and strengthen overall compliance posture. The feature is currently in development and expected to begin rolling out in April 2026.