Protect sensitive data in a digital world

Discover how Microsoft Purview helps organizations classify, protect, and monitor sensitive data across cloud, endpoint, and AI environments. This module explores strategies for securing data through classification, labeling, encryption, and proactive risk management.

• Introduction
• The growing need for data protection
• The challenges of managing sensitive data
• Protect data in a Zero Trust world
• Understand data classification and protection
• Prevent data leaks and insider threats
• Manage security alerts and respond to threats
• Protect AI-generated and AI-processed data

  Learn about the information available to help you understand your data landscape and know your data.

Classify data for protection and governance

• Introduction
• Data classification overview
• Classify data using sensitive information types
• Classify data using trainable classifiers
• Create a custom trainable classifier

Review and analyze data classification and protection

Discover how Microsoft Purview helps organizations monitor and analyze data classification and protection. This module explores how security teams can track classification trends, investigate labeled content, and assess policy effectiveness using Information Protection Reports, Data explorer, Content explorer, and Activity explorer.

• Introduction
• Review classification and protection insights
• Analyze classified data with data and content explorer
• Monitor and review actions on labeled data

Create and manage sensitive information types

Learn how to use sensitive information types to support your information protection strategy.

• Introduction
• Sensitive information type overview
• Compare built-in versus custom sensitive information types
• Create and manage custom sensitive information types
• Create and manage exact data match sensitive info types
• Implement document fingerprinting
• Describe named entities
• Create a keyword dictionary

Create and configure sensitivity labels with Microsoft Purview

Microsoft Purview sensitivity labels enable you to classify and protect sensitive data throughout your organization, including in the cloud and on devices. This module covers how to classify and protect sensitive information to ensure its security and compliance.

• Introduction
• Sensitivity label overview
• Create and configure sensitivity labels and label policies
• Configure encryption with sensitivity labels
• Implement auto-labeling policies
• Track and evaluate sensitivity label usage in Microsoft Purview

Apply sensitivity labels for data protection

Learn about how sensitivity labels are used to classify and protect business data while making sure that user productivity and their ability to collaborate aren't hindered.

• Introduction
• Foundations of sensitivity label integration in Microsoft 365
• Manage sensitivity labels in Office apps
• Apply sensitivity labels with Microsoft 365 Copilot for secure collaboration
• Protect meetings with sensitivity labels
• Apply sensitivity labels to Microsoft Teams, Microsoft 365 groups, and SharePoint sites

Classify and protect on-premises data with Microsoft Purview

Learn how to classify and protect sensitive data stored on-premises using Microsoft Purview. This module guides you through deploying the Information Protection scanner, applying sensitivity labels, and enforcing DLP policies to reduce data exposure risks.

• Introduction
• Protect on-premises files with Microsoft Purview
• Prepare your environment for the Microsoft Purview Information Protection scanner
• Configure and install the Microsoft Purview Information Protection scanner
• Run and manage the scanner
• Enforce data loss prevention policies on on-premises files

Understand Microsoft 365 encryption

Learn how Microsoft 365 encrypts data-at-rest and in-transit, securely manages encryption keys, and provides key management options to customers to meet their business needs and compliance obligations.

• Introduction to Microsoft 365 encryption
• Learn how Microsoft 365 data is encrypted at rest
• Understand service encryption in Microsoft Purview
• Explore customer key management using Customer Key
• Learn how data is encrypted in-transit

Protect email with Microsoft Purview Message Encryption

Learn how to configure Microsoft Purview Message Encryption to protect sensitive email, apply encryption with mail flow rules, and customize the recipient experience with branded templates.

• Introduction
• Understand message encryption
• Plan for Microsoft Purview Message Encryption
• Configure Microsoft Purview Message Encryption
• Customize encrypted email branding with Microsoft Purview
• Control encrypted email access with Advanced Message Encryption
• Use Microsoft Purview Message Encryption templates in mail flow rules

Understand and plan data loss prevention

Effective data loss prevention (DLP) starts with understanding how risk is evaluated and how protection decisions are applied. This module focuses on the concepts and planning considerations that help organizations design DLP policies that protect sensitive data without disrupting everyday work.

• Understand the role of data loss prevention (DLP)
• Understand how DLP applies protection
• Plan and design DLP policies
• Understand DLP deployment and simulation mode
• Evaluate advanced DLP controls for your environment

Create and manage data loss prevention policies

Effective data loss prevention (DLP) policies are shaped by a series of deliberate decisions rather than individual settings. Clear intent, well-defined detection, appropriate scope, and measured actions determine how policies behave in real workflows. Validation and ongoing adjustment help ensure protection remains effective as risk and usage change.

• Understand how DLP policy decisions fit together
• Choose a template or create a custom policy
• Define what the policy detects
• Align policy scope to risk
• Define how the policy responds
• Validate policy behavior using simulation mode
• Manage DLP policies
• Adjust enforcement dynamically based on risk
• Guided walkthrough: Create a DLP policy

Implement endpoint data loss prevention (DLP) with Microsoft Purview

Endpoint DLP in Microsoft Purview helps organizations protect sensitive data on endpoint devices by monitoring, restricting, or allowing actions such as file transfers, copying, and sharing. Learn how to onboard devices, configure settings, and create custom policies to ensure data security across your organization.

• Endpoint data loss prevention (DLP) overview
• Understand the endpoint DLP implementation workflow
• Onboard devices for endpoint DLP
• Configure settings for endpoint DLP
• Create and manage endpoint DLP policies
• Deploy the Microsoft Purview browser extension
• Configure just-in-time (JIT) protection

Configure DLP policies for Microsoft Defender for Cloud Apps and Power Platform

Learn how to configure and implement data loss prevention policies and integrate them with Microsoft Defender for Cloud Apps.

• Configure data loss prevention policies for Power Platform
• Integrate data loss prevention in Microsoft Defender for Cloud Apps
• Configure policies in Microsoft Defender for Cloud Apps
• Manage data loss prevention violations in Microsoft Defender for Cloud Apps

Investigate and respond to Microsoft Purview Data Loss Prevention alerts

Microsoft Purview and Microsoft Defender XDR help organizations detect potential data loss risks and respond quickly to protect sensitive information. Investigation and response activities include reviewing DLP alerts, applying appropriate remediation actions, and documenting findings in a structured and consistent way.

• Understand data loss prevention (DLP) alerts
• Understand the DLP alert lifecycle
• Configure DLP policies to generate alerts
• Investigate DLP alerts in Microsoft Purview
• Investigate DLP alerts in Microsoft Defender XDR
• Investigate DLP alerts with Security Copilot and AI agents
• Respond to DLP alerts
• Exercise - Investigate a DLP alert and related incident

Understand retention in Microsoft Purview

Microsoft Purview retention helps organizations manage how long data is kept and when it can be deleted. Learn how to apply retention strategically to meet compliance requirements, reduce risk, and protect important information throughout its lifecycle.

• Overview of retention and the data lifecycle
• Understand retention labels and retention policies
• Decide when to apply retention

Implement and manage Microsoft 365 retention and recovery

Microsoft Purview provides tools to manage how long content is retained and when it's deleted across Microsoft 365 services. These retention settings apply lifecycle rules using labels, policies, and adaptive scopes. When content is deleted, recovery options are managed within the individual services, such as SharePoint and Exchange. Together, these tools support compliance and information security by reducing the risk of retaining unnecessary or outdated data.

• Plan for retention and disposition with retention labels
• Create and publish retention labels
• Create and manage auto-apply retention labels
• Create and configure adaptive scopes
• Create and configure retention policies
• Understand policy and label precedence in Microsoft Purview
• Recover content in Microsoft 365 workloads

Understand Microsoft Purview Insider Risk Management

Understand insider risks and discover how Microsoft Purview Insider Risk Management identifies risky activities, analyzes context, and helps organizations protect data while respecting privacy.

• What is an insider risk?
• Microsoft Purview Insider Risk Management overview
• Microsoft Purview Insider Risk Management features
• Case study: Protect sensitive data with Insider Risk Management

Prepare for Microsoft Purview Insider Risk Management

Discover strategies for planning and configuring Microsoft Purview Insider Risk Management to meet organizational needs and protect privacy.

• Plan for Insider Risk Management
• Prepare your organization for Insider Risk Management
• Configure settings for Insider Risk Management
• Integrate Insider Risk Management with data sources and tools

Create and manage Insider Risk Management policies

Create and manage Microsoft Purview Insider Risk Management policies to detect and address potential insider risks while supporting organizational security and privacy.

• Understand Insider Risk Management policy templates
• Compare quick and custom insider risk policies
• Create a custom Insider Risk Management policy
• Manage policies in Insider Risk Management

Investigate insider risk alerts and related activity

Investigate insider risk alerts and manage related cases in Microsoft Purview to assess user behavior, take appropriate action, and coordinate deeper reviews across teams.

• Understand insider risk alerts and investigations
• Manage alert volume in insider risk management
• Investigate and triage insider risk alerts in Microsoft Purview
• Investigate insider risk alerts with Security Copilot and AI agents
• Analyze alert context with the All risk factors tab
• Investigate activity details with the Activity explorer tab
• Review patterns over time with the User activity tab
• Investigate insider risk alerts in Microsoft Defender XDR
• Manage and take action on insider risk cases
• Exercise - Investigate potential data theft using Insider Risk Management

Implement Adaptive Protection in Insider Risk Management

Understand how Adaptive Protection applies machine learning to assess user risk and automatically enforce the right level of security controls. By dynamically assigning Data loss prevention, Data lifecycle management, and Conditional Access policies, it strengthens data security while reducing unnecessary alerts and manual intervention.

• Adaptive Protection overview
• Understand and configure risk levels in Adaptive Protection
• Configure Adaptive Protection
• Manage Adaptive Protection

Search and investigate with Microsoft Purview Audit

Enhance data security and compliance with Microsoft Purview Audit by configuring detailed audits, managing logs, and analyzing access patterns.

• Microsoft Purview Audit overview
• Configure and manage Microsoft Purview Audit
• Conduct searches with Audit (Standard)
• Audit Microsoft Copilot for Microsoft 365 interactions
• Investigate activities with Audit (Premium)
• Export audit log data
• Configure audit retention with Audit (Premium)

Search for content with Microsoft Purview eDiscovery

Use Microsoft Purview eDiscovery to search for content across Microsoft 365. This module covers how to configure cases, define search criteria, and locate messages, files, and other organizational data.

• Understand eDiscovery and content search capabilities
• Prerequisites for using eDiscovery in Microsoft Purview
• Create an eDiscovery search
• Conduct an eDiscovery search
• Export eDiscovery search results