Microsoft Fabric Updates Blog

Microsoft Purview Data Loss Prevention policies for Fabric have been extended to SQL, KQL and Mirrored Databases (Preview)

• Fabric platform
• Microsoft Fabric
• Uncategorized

• April 14, 2025 by Yael Biss 40,122 Views

Microsoft Purview’s Data Loss Prevention (DLP) policies for Fabric now supports Fabric SQL, KQL and Mirrored DBs!

Purview DLP policies help organizations to improve their data security posture and comply with governmental and industry regulations. Security teams use DLP policies to automatically detect upload of sensitive information to Microsoft 365 applications like SharePoint and Exchange, and to Fabric’s semantic models and lakehouses.

Detect and protect your Fabric structured data

KQL DBs in Microsoft Fabric enable real-time, interactive analytics that empower organizations to quickly query and gain insights from massive datasets.

Fabric Mirrored DBs offer an easy-to-use, end-to-end platform that fosters collaboration and openness by combining multiple solutions into one seamless environment built to support the open-source Delta Lake table format.

SQL databases provide robust, scalable, and secure data storage solutions that seamlessly integrate with analytics, data engineering, and AI workloads.

Using DLP policies, security admins will be able to define policies which will scan data uploaded to SQL DBs, KQL DBs or Mirrored DBs (including Snowflake, Azure and more). When sensitive data is detected, the policy can be configured to trigger an alert for the security team and surface a descriptive policy tip to data owners to take a risk remediation action.

With this update we’re allowing you a more comprehensive view of the detected sensitive information in your Fabric tenant, including all the items listed below, with more planned for the near future, so stay tuned:

• SQL Database
• KQL Database 
• Mirrored Azure Cosmos DB 
• Mirrored Azure DB for PostgreSQL 
• Mirrored Azure SQL Database 
• Mirrored Azure SQL Managed Instance 
• Mirrored database 
• Mirrored Snowflake 
• Mirrored SQL Server Database  
• Lakehouse (previously supported) 
• Semantic model (previously supported) 

Note that for KQL DBs DLP support you will need to enable the OneLake sync within the item, as shown below, to allow the DB to sync with OneLake where DLP will scan the data and surface the results.

As a reminder, Purview Data Loss Prevention Policies are acquired through the Purview new pay-as-you–go billing and are subject to consenting to the new business model.

As always, we welcome your comments or any feedback you may have regarding data loss prevention in Fabric. For any suggestions, please fill out our feedback form.