MC933531: Microsoft Purview | Information Protection: Auto-labeling for Microsoft Azure Storage and Azure SQL

Announcement IDMC933531Published Date11-13-2024
ServiceGeneralLast Updated11-13-2024
CategoryPlan for changeExpiration Date07-30-2025
Roadmap ID429876Action Required by Date
TagsAdmin impact, New feature


Summary
                Auto-labeling for Microsoft Azure Storage and Azure SQL will be available in Microsoft Purview | Information Protection. It allows automatic labeling of assets based on defined conditions. Public Preview begins mid-November 2024, with General Availability starting late March 2025. Admins can configure new policies, and some existing capabilities will be discontinued. Preparation requires no admin action before rollout.


More Information

Automatically label all or some assets in Microsoft Azure Storage and Microsoft Azure SQL with an auto-labeling policy. You will be able to clearly define labeling conditions for data sources in Azure separately from existing Microsoft 365 files configurations.

When this will happen:

Public Preview: We will begin rolling out mid-November 2024 and expect to complete by late November 2024.

General Availability (Worldwide): We will begin rolling out late March 2025 and expect to complete by mid-April 2025.

How this will affect your organization:

You can create new auto-labeling policies for Azure Storage and Azure SQL Server that allow you to specify specific data assets or ALL assets to be automatically labeled when the out-of-the-box sensitive information types are detected in a column or asset. After the auto-labeling policy is turned on, wait 15 minutes, and then rescan the scoped data assets. The assets will be labeled automatically.

This change will be available by default for admins to configure.

After the rollout, these capabilities will no longer be available:

  • The ability to extend labeling to assets in the Microsoft Purview Data Map (opt in)
    • Instead, you can select where to extend these assets in an auto-labeling policy
  • Schematized data assets as an applicable label scope
    • You can select any label with the scope Files & other data assets for labeling in non-Microsoft 365 workloads
  • Auto-labeling for schematized data assets in label definition
    • If you have configured Auto-labeling for schematized data assets in the label definition, you will need to reconfigure those conditions in an auto-labeling policy.

Tip: After you apply labeling to data assets, you can use protection policies to add access control settings associated with the label.

You will be able to select AzureStorage and AzureSQLServer workloads in the auto-labeling policy:

auto-labeling policy

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

    Previous Post Next Post