Microsoft to Extends DLP Support for Copilot to Prevent Sensitive File Processing - CybersecurityNews

Home Cyber Security News Microsoft to Extends DLP Support for Copilot to Prevent Sensitive File Processing Microsoft Extends DLP Support Copilot Purview Data Loss Prevention (DLP) controls are being expanded to block Microsoft 365 Copilot from processing sensitivity-labeled files across all storage locations, including local devices. The change aims to close a critical governance gap in enterprise AI deployments. Previously, DLP policy enforcement for Copilot was limited to files stored in SharePoint Online and OneDrive for Business. This created a significant blind spot: files stored locally on an employee’s device, or accessible via a network drive, could still be ingested by Copilot. Even if the organization had DLP policies in place to restrict sensitive content3 Microsoft’s update directly addresses this limitation by extending coverage to every location where Office files may reside. How the DLP Extension Works The technical change is rooted in how Copilot’s augmentation loop (AugLoop) retrieves sensitivity label information. Previously, AugLoop called Microsoft Graph using the file’s SharePoint or OneDrive URL to detect a file’s label. This method inherently excluded locally stored files. With this update, Office clients have been enhanced to provide the sensitivity label directly to AugLoop on the client side, eliminating the need for a cloud-based URL lookup. This architectural change enables DLP policies to evaluate and enforce restrictions consistently, regardless of whether the file resides in OneDrive, SharePoint, a network drive, or a local device. When an active DLP policy detects that a file carries a restricted sensitivity label, Copilot is blocked from processing the file’s content in Word, Excel, or PowerPoint. Detail Information Roadmap ID 557255 Message ID MC1234661 Affected Apps Word, Excel, PowerPoint Rollout Start Late March 2026 Rollout Complete Late April 2026 Required License Microsoft 365 Copilot + M365 E5 Policy Changes Needed None Default State On (for tenants with DLP rules) ​ l tenants that have relevant DLP rules already configured, and no policy migration or reconfiguration is required. Existing policies will continue to function exactly as before; they simply gain broader enforcement coverage automatically.​ Rollout Timeline and Requirements Microsoft has confirmed this update under Roadmap ID 557255 and Message ID MC1234661. General availability for Worldwide and GCC environments is scheduled to begin in late March 2026. It is expected to be completed by late April 2026. Administrators who manage Purview DLP policies are advised to review any existing sensitivity-label-based restrictions and update internal helpdesk documentation accordingly. Communication to security and compliance teams is also recommended to ensure awareness of the expanded enforcement scope.​ Organizations currently relying on Microsoft 365 Copilot should note that a Microsoft 365 Copilot license, paired with a Microsoft 365 E5 license or an equivalent, is required to leverage this DLP feature fully. This update does not alter Copilot’s core functionality; it solely strengthens the governance boundary around what content Copilot is permitted to access and process.​​ Follow us on Google News, LinkedIn, and X to Get More Instant Updates, Set CSN as a Preferred Source in Google. RELATED ARTICLESMORE FROM AUTHOR Cyber Security News IBM Uncovers ‘Slopoly,’ Likely AI-Generated Malware Used in Hive0163 Ransomware Attack Cyber Security News Qihoo 360 Leaked Its Own Wildcard SSL Private Key Inside Public AI Installer Cyber Security News Fake FileZilla Downloads Lead to RAT Infections Through Stealthy Multi-Stage Loader Top 10 Essential E-Signature Solutions for Cybersecurity in 2026 January 31, 2026 Top 10 Best Data Removal Services In 2026 January 29, 2026 Best VPN Services of 2026: Fast, Secure & Affordable January 26, 2026 Top 10 Best Data Security Companies in 2026 January 23, 2026 Top 15 Best Ethical Hacking Tools – 2026 January 15, 2026