跳到主要內容

Deploy DSPM for AI Overview and Get Started Prerequisites

Implementation Effort: Low – DSPM for AI is a built-in Microsoft Purview capability that requires license activation and minimal configuration; no agents or infrastructure deployment needed.
User Impact: Low – Admin-only activity; deployment provides visibility to security and compliance teams without affecting end-user workflows.

Overview

Microsoft Purview Data Security Posture Management (DSPM) for AI provides a centralized view of how AI workloads — including Microsoft 365 Copilot, Agent 365 instances, and third-party generative AI applications — interact with organizational data. Deploying DSPM for AI is a foundational step that enables security teams to gain visibility into AI data access patterns before applying controls. Without this visibility, organizations lack the ability to answer basic questions: what sensitive data is being surfaced through AI interactions, which users are generating the highest volume of AI activity, and whether existing data protection policies are being triggered during those interactions.

The deployment process begins with verifying that the required Microsoft 365 and Microsoft Purview licensing prerequisites are met. DSPM for AI requires a Microsoft 365 E5 or E5 Compliance license (or equivalent add-ons). Once licensing is confirmed, administrators enable DSPM for AI through the Microsoft Purview compliance portal. The initial deployment surfaces the DSPM for AI overview dashboard, which aggregates telemetry across all AI interaction locations — Copilot in Word, Excel, PowerPoint, Teams, and other M365 locations, as well as Agent 365 custom agents and Copilot Studio agents. This overview provides a risk-prioritized summary of AI interaction activity, including sensitivity label matches, DLP policy triggers, and data access patterns by user and location.

Monitoring Agent Data Interactions

Beyond the initial deployment and overview, DSPM for AI serves as the primary observability surface for monitoring how agents interact with organizational data. As organizations build and deploy agents through Agent 365 and Copilot Studio, those agents access SharePoint sites, query Microsoft Graph, and interact with data sources that may contain classified or sensitive content. DSPM for AI captures telemetry from these agent interactions — what data sources agents queried, which sensitivity labels were present on the accessed content, whether DLP policies were triggered during agent operations, and the volume and frequency of agent data access events.

This agent-specific monitoring capability is essential for the "Build Agents Securely" workflow because it closes the feedback loop between agent deployment and data security enforcement. When development teams publish new agents to the Agent 365 registry, security teams need to verify that those agents are not accessing data beyond their intended scope. DSPM for AI provides this verification without requiring custom monitoring infrastructure — the telemetry flows automatically once DSPM is enabled and agents are operating within the Microsoft 365 ecosystem.

Security teams should use the DSPM for AI dashboard to establish baseline agent data interaction patterns during initial agent rollout. Once baselines are established, deviations — such as an agent suddenly accessing a new SharePoint site collection containing highly classified content, or a spike in DLP policy triggers from a specific agent — become actionable signals that warrant investigation. This baseline-and-deviation approach is more effective than setting static thresholds because agent interaction patterns evolve as organizations expand agent capabilities and data source integrations.

Zero Trust Alignment

This task directly supports Assume Breach — continuous monitoring of AI data access patterns allows security teams to detect anomalous behavior early, whether from a compromised user account generating unusual Copilot queries or from an agent instance accessing data outside its expected scope. It also supports Verify Explicitly by providing evidence-based visibility into what AI workloads are actually doing with organizational data, rather than relying on assumptions about agent behavior.

Organizations that skip this step deploy AI workloads without instrumentation. They cannot determine which sensitive documents are being surfaced by Copilot, whether agents are accessing data outside their intended scope, or whether data protection policies are being triggered at scale. This blind spot leaves security teams reactive, discovering data exposure problems only after they have caused damage.

Reference