[Launched] Generally Available: GRS and CRR support for Azure VMs using Premium SSD v2 in Azure Backup availability in Norway and Japan
July 18, 2025DP-3028 Labs Delayed — Trainer Files Releasing Tomorrow
July 18, 2025
Introduction
As organizations embrace AI to drive innovation and productivity, ensuring data security, compliance, and governance becomes paramount. Microsoft Fabric’s Power BI Copilot offers powerful AI-driven insights, but without proper oversight, it can expose sensitive data or violate regulatory requirements.
Enter Microsoft Purview’s Data Security Posture Management (DSPM) for AI—a unified solution that empowers enterprises to monitor, protect, and govern AI interactions across Microsoft and third-party platforms. This blog explores how Purview DSPM for AI integrates with Fabric Power BI Copilot to deliver robust data protection and governance and provides a step-by-step guide to enable this integration.
Capabilities of Purview DSPM for AI
As organizations adopt AI, implementing data controls and Zero Trust approach is crucial to mitigate risks like data oversharing and leakage, and potential non-compliant usage in AI. We are excited to announce Microsoft Purview capabilities in preview for Copilot in Fabric, starting with Copilot for Power BI. By combining Microsoft Purview and Copilot for Power BI, users can:
Discover data risks such as sensitive data in user prompts and responses in Activity Explorer and receive recommended actions in their Microsoft Purview DSPM for AI Reports to reduce these risks.
DSPM for AI Activity Explorer
DSPM for AI Reports
Identify risky AI usage with Microsoft Purview Insider Risk Management to investigate risky AI usage, such as an inadvertent user who has neglected security best practices and shared sensitive data in AI.
Govern AI usage with Microsoft Purview Audit, Microsoft Purview eDiscovery, retention policies, and non-compliant or unethical AI usage detection with Purview Communication Compliance.
Copilot for Power BI data in Purview Audit
Copilot for Power BI data in Purview eDiscovery
Copilot for Power BI data in Purview Communications Compliance
Purview DLM retention policy for Copilot for Power BI
Steps to Enable the Integration
To use DSPM for AI from the Microsoft Purview portal, you must have the following prerequisites,
Activate Purview Audit which requires user to have the role of Entra Compliance Admin or Entra Global admin to enable Purview Audit. More details on DSPM pre-requisites can be found here, Considerations for deploying Microsoft Purview Data Security Posture Management (DSPM) for AI | Microsoft Learn
To enable Purview DSPM for AI for Copilot for Power BI,
Step 1: Enable DSPM for AI Policies
- Navigate to Microsoft Purview DSPM for AI.
- Enable the one-click policy: “DSPM for AI – Capture interactions for Copilot experiences”.
- Optionally enable additional policies:
- Detect risky AI usage
- Detect risky AI usage
- Detect unethical behavior in AI apps
- Detect unethical behavior in AI apps
These policies can be configured in the Microsoft Purview DSPM for AI portal and tailored to your organization’s risk profile.
Step 2: Monitor and Act
- Use DSPM for AI Reports and Activity Explorer to monitor AI interactions.
- Apply IRM, DLM, CC and eDiscovery actions as needed.
Purview Roles and Permissions Needed by Users
To manage and operate DSPM for AI effectively, assign the following roles:
|
Role |
Responsibilities |
|
Purview Compliance Administrator |
Full access to configure policies and DSPM for AI setup |
|
Purview Security Reader |
View reports, dashboards, policies and AI Activity |
|
Content Explorer Content Viewer |
Additional Permission to view the actual prompts and responses on top of the above permissions |
|
Fabric Admin (Custom Role) |
(Planned) Scoped access to Power BI Copilot AI interactions only with prompts & responses |
More details on Purview DSPM for AI Roles & permissions can be found here, Permissions for Microsoft Purview Data Security Posture Management for AI | Microsoft Learn
Purview Costs
Microsoft Purview now offers a combination of entitlement-based (per-user-per-month) and Pay-As-You-Go (PAYG) pricing models. The PAYG model applies to a broader set of Purview capabilities—including Insider Risk Management, Communication Compliance, eDiscovery, and other data security and governance solutions—based on copilot for Power BI usage volume or complexity. Purview Audit logging of Copilot for Power BI activity remains included at no additional cost as part of Microsoft 365 E5 licensing. This flexible pricing structure ensures that organizations only pay for what they use as data flows through AI models, networks, and applications.
For further details, please refer to this blog:
New Purview pricing options for protecting AI apps and agents | Microsoft Community Hub
Conclusion
Microsoft Purview DSPM for AI is a game-changer for organizations looking to adopt AI responsibly. By integrating with Copilot in Fabric, it provides a comprehensive framework to discover, protect, and govern AI interactions—ensuring compliance, reducing risk, and enabling secure innovation.
Whether you’re a data privacy officer, security admin, or product manager, enabling this integration is a strategic step toward building a secure, AI-ready enterprise.
Additional resources
- Use Microsoft Purview to manage data security & compliance for Microsoft Security Copilot | Microsoft Learn
- How to deploy Microsoft Purview DSPM for AI to secure your AI apps
- Learn how Microsoft Purview Data Security Posture Management (DSPM) for AI provides data security and compliance protections for Copilots and other generative AI apps | Microsoft Learn
- Considerations for deploying Microsoft Purview Data Security Posture Management (DSPM) for AI | Microsoft Learn
- Learn about Microsoft Purview billing models | Microsoft Learn