Announcement: Microsoft Purview Data Loss Prevention policies have been extended to Fabric lakehouses
Extending Microsoft Purview’s Data Loss Prevention (DLP) policies into Fabric lakehouses is now in public preview!
This follows the success of DLP for Power BI and the GA of Microsoft Fabric last year.
DLP policies help you automatically detect sensitive information as it is uploaded into lakehouses in your Fabric tenant and take risk remediation actions, to help you with governmental or industry regulations, such as the European Union’s General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA).
DLP policies—classify and protect your Fabric data
With this preview we’re introducing DLP policies to Fabric lakehouses, and soon to additional structured data items.
This means that DLP policies will be able to scan your lakehouse data upon every update, and surface if there is sensitive information found within them, so that all users interacting with this data will be aware and know to follow company guidelines regarding sensitive information.
Compliance and Security administrators will receive audit logs for every detection and will have further visibility into business-critical data and its location within the tenant. Furthermore, they can set up alerts to be automatically generated when sensitive information is found in their Fabric lakehouses or semantic models. They can provide customized messages to users and help guide them on how to interact with sensitive data. For example, whenever proprietary information is detected, show Fabric users a message explaining that this information is internal and should not be shared externally.
These rules include the detection of all Purview’s out-of-the-box sensitive info types (SIT), custom classifiers, such as regex and keyword lists, and complex conditions using combinations of AND/OR/NOT operators between SITs and sensitivity labels.
By using DLP policies in Fabric, you strengthen your security posture and reduce the risk of sensitive information being uploaded to the cloud without your
Note: Currently, there will be no charge for lakehouses scanned by DLP policies. However, Microsoft Purview will be releasing a new pay-as-you-go consumption-based business model in the coming months, and once this is live, DLP policies will need to be acquired using the new model, as stated in this announcement. We will follow up with an official announcement of the new model and its details when pricing details and timelines become available.
Resources:
- Overview of DLP policies for Fabric
- Configure a DLP policy for Fabric
- Respond to a policy violation
- Define Microsoft Purview DLP policies for Power BI (cloudguides.com) – Interactive Guide
We’re welcome comments or feedback you may have regarding data loss prevention in Fabric. For any suggestions, please fill out this form.