Genai is the biggest driver of innovation in the high-tech industry over the century, with incredible progress and progress taking place within three years of ChatGpt's arrival on the scene.
Despite the advances and innovation surrounding Genai, security was a looming concern. The Microsoft DataSecurity Index report finds that over 80% of business leaders show potential leaks of sensitive data as their primary concern with Genai.
Good news: There are growing initiatives to enhance genai security and AI agents deploying AI agents acting at a higher level of autonomy than the early generations of technology. Other recent developments include:
And these are the three recent developments we highlighted.
Currently, Microsoft outlines the specific measurements customers and partners can take to leverage the Purview Data Security and Governance platform to protect data in their Genai applications and use cases.
This analysis presents some of the recommended measures that fall into three categories: Purview's AI hub, AI analysis, and policy features.
AI Agent & Copilot Summit is an AI-first event that defines opportunities, impacts, and outcomes with Microsoft Copilot and agents. Based on the success of 2025, the 2026 event will take place in San Diego from March 17th to 19th. Please see details.
Security risks introduced by genai
At an online event last week, Microsoft set up the context of using Purview to protect data in Genai use cases by detailing some of the security risks associated with groundbreaking technology. They are:
- Negligence or excessive exposure of data by an info-free insider that could create a document without proper access controls will make it easier for other users to refer to the document in a large language model (LLM) or copilot.
- Data caused by a disgruntled insider who might find sensitive information using genai leaks, then leak that same information
- Data leaks by negligent insiders, such as those who share sensitive data on the Consumer Genai app
Such threats can get worse in businesses using a wide range of security platforms. Not surprisingly, Microsoft positions its scope as a turnkey security platform that allows multiple features to be integrated in a single system, but it cannot be denied that current playing states can lead to complexity, security gaps and administrative challenges on an average of over 10 security platforms used to protect common corporate data estates.
Purview ai Hub
As explained by Michael Lord, Microsoft's global security black belt, Purview AI Hub gives visibility into how Genai is used and how data is being used within your enterprise IT environment. This includes using a co-pilot.
To ensure that information protection labeling features can be applied, content access can be controlled and restricted only to those who should be able to access it.
For example, in SharePoint, you can use Purview Information Protection to label content. Sensitivity labels apply when content enters a SharePoint site, allowing you to apply inheritance from these categories to all incoming information. Administrators can define who has access to individual documents. Data Loss Prevention (DLP) enforcement, for example, prevents individuals from reducing information and not pasting it into ChatGpt. If they try to paste the information, it will be blocked.
AI Data Analysis
AI Hub has the ability to report data and application-related activities in the genai context across the data estate, providing actionable analytical insights about behavior, interactions with sensitive data, and how it applies to genai.
Analytics Insights helps administrators prioritize critical alerts and gain awareness of high priority data about whether to leave or leave the security perimeter of the company, and act accordingly.
Data analysis provides an opinion, to what extent, to what extent, to what extent, whether non-compliance and unethical use of AI occurs within the environment. “This aggregation of all these alerts actually provides trends and provides good insight into AI interactions within the environment. Furthermore, we can see the different things and different generation AI applications used within the environment, as it provides a concept of sensitive interactions per app.”
policy
Administrators can also configure policies that help prevent data loss that can occur via AI prompts and responses. Microsoft helps you build sample policies. This allows for Purview solutions such as DLP policy and compliance-related communications. Goal: Provide a unified view of all your enterprise AI actions together with a single unified data protection strategy.
This includes applying policies to consistently sort data estates across data estates, including Microsoft 365, Azure SQL, Azure Data Lake, Amazon S3 buckets, and other structured data sources.
Close thoughts
Other AI apps and tools, including Genai and AI agents, are generated to create new potentially unknown security risks beyond what is obvious or predictable. Especially in the context of agent AI, agents who perform actions autonomously can have unintended consequences, including consequences that could potentially compromise security.
While not all AI activities, applications or tools can be locked down completely, Microsoft's targeted guidance on how to fully utilize Purview – a comprehensive platform like Purview, has raised security awareness and allowed customers to maintain AI users while customers can maintain AI users while customers can maintain AI users.
Ask Cloud Wars AI Agent about this analysis
