Protecting Your Sensitive Data with Microsoft Purview - IRMS 2025
Session | Protecting Your Sensitive Data with Microsoft Purview: Practical Information Protection and DLP Strategies Presenter | Nikki Chapple (MVP| Principal Cloud Architect CloudWay) & Ryan John Murphy (Microsoft) Event | IRMS Conference 2025 Format | Birmingham UK Date | 18-20 May 2025 In this closing keynote session from the IRMS Conference 2025, Nikki Chapple and Ryan John Murphy deliver a compelling and practical guide to data protection, compliance, and information governance using Microsoft Purview. As organizations generate over 2 billion pieces of content daily in Microsoft 365, the need for robust data classification, sensitivity labeling, and Data Loss Prevention (DLP) has never been more urgent. This session addresses the growing challenge of managing unstructured data, with 73% of sensitive content remaining undiscovered and unclassified. Using a mountaineering metaphor, the speakers introduce the “Secure by Default” blueprint—a four-phase maturity model designed to help organizations scale their data security journey with confidence, clarity, and control. 🔐 Key Topics and Microsoft 365 Security Features Covered: Microsoft Purview Information Protection and DLP Sensitivity labels, auto-labeling, and adaptive protection Data discovery, classification, and content labeling DLP for both labeled and unlabeled content SharePoint Advanced Management for workspace governance Microsoft 365 compliance center best practices Real-world case study: reducing 42 sensitivity labels to 4 parent labels Empowering users through training, change management, and adoption strategies 🧭 The Secure by Default Path – Microsoft Purview Maturity Model: Foundational – Apply default sensitivity labels at content creation; train users to manage exceptions; implement DLP for labeled content. Managed – Focus on crown jewel data; use client-side auto-labeling; apply DLP to unlabeled content; enable adaptive protection. Optimized – Auto-label historical content; simulate and test policies; use advanced classifiers to identify sensitive data at scale. Strategic – Conduct operational reviews; identify new labeling scenarios; implement workspace governance using SharePoint Advanced Management. 🎒 Top Takeaways for Information Management Professionals: Start secure. Stay protected. Expand with purpose. Simplify your sensitivity label taxonomy for better adoption. Train your users—they are your first line of defense. Don’t wait for perfection—start small and iterate fast. Align your data protection strategy with business goals and regulatory requirements. 💡 Who Should Watch This Presentation? This session is ideal for compliance officers, IT administrators, records managers, data protection officers (DPOs), security architects, and Microsoft 365 governance leads. Whether you're in the public sector, financial services, healthcare, or education. 🔗 Read the blog: https://nikkichapple.com/irms-conference-2025/
Protecting Your Sensitive Data with Microsoft Purview - IRMS 2025
- 2. Protecting Your Sensitive Data with Microsoft Purview Practical Information Protection and DLP Strategies Nikki Chapple | MVP and Ryan John Murphy | Microsoft
- 6. • Microsoft Teams users 320 million • SharePoint users 190 million • SharePoint sites created per day 2 million • Pieces of content created daily 2 billion
- 7. 73% of unstructured sensitive data is undiscovered and unclassified The State of Data Loss Prevention - Current Struggles and Future Expectations by the Enterprise Strategy Group (ESG)
- 9. Agenda
- 10. Would you climb Everest without a guide? Then why secure your data without a strategy?
- 11. Microsoft Purview the tools to help you climb to the peak
- 12. The Secure by Default Path with Microsoft Purview Phase 2: Managed Phase 3: Optimised Phase 4: Strategic Phase 1: Foundational
- 13. Secure by Default by Microsoft Purview
- 14. 1️⃣ Foundational: New/Updated Content
- 15. Default sensitivity labels on content, libraries & containers
- 16. DLP for labeled content
- 17. Train users
- 19. Identity and label priority sites
- 20. Client- side Auto labelling for priority content
- 21. DLP for unlabelled content-based data and metadata
- 23. 3️⃣ Optimized: Historical Content
- 24. Simulate auto-labeling sensitive files at rest
- 25. Auto-labeling with advanced classifiers
- 26. 4️⃣ Strategic: Continuous Improvements
- 28. Identify new labeling scenarios Trusted partners Multi-tenanted organizations Tented projects Full-Time Employees Regional/country
- 29. Workspace governance using SharePoint Advanced Management
- 30. The Secure by Default Path with Microsoft Purview Phase 2: Managed Phase 3: Optimised Phase 4: Strategic Phase 1: Foundational
- 31. From Chaos to Control 42 sensitivity labels 4 labels plus 2 sub labels
- 33. Top tips for Planning your Journey Start Today Keep it simple Train users Don’t wait for perfection
- 37. Useful Microsoft Purview Links • Notes from engineering - Purview deployment models | Microsoft Learn • Learn about Microsoft Purview | Microsoft Learn • Microsoft Learn Purview Training • Study guide for Exam SC-401: Administering Information Security in Microsoft 365 | Microsoft Learn • Category: Microsoft Purview | Microsoft Community Hub • The Microsoft 365 Maturity Model – Governance, Risk, and Compliance Competency | Microsoft Learn • Nikki Chapple | Microsoft MVP | Data Security + Governance • MSFT Compliance; Blogs, Vlogs, News & Announcements • All Things M365 Compliance – YouTube • All Things M365 Compliance | Podcast on Spotify • Microsoft eDiscovery in Depth: Become an expert in Microsoft Purview content search and eDiscovery: Amazon.co.uk: Ryan John Murphy, Heather Eckman: 9781835462706: Books