Purview Lightning Talks – Microsoft Security Community

Posted on 31 May 2026Updated on 1 June 2026by Nikki Chapple

Event details

Event: Purview Lightning Talks – Microsoft Security Community
Location: Virtual (Microsoft Community Event)
Format: Live Lightning Talk (Recorded and published on YouTube)
Date: 30 April 2026
Sessions:

The Day Offboarding Exposed Infinite Retention
The Purview Hack No One Talks About: Container Sensitivity Labels That Fix Oversharing Fast

About the event

The Purview Lightning Talks is a community-led Microsoft Security event designed to share real-world Microsoft Purview insights in short, focused sessions.

Each talk is deliberately concise, cutting straight to practical use cases, lessons learned, and actionable recommendations.

The event brings together Microsoft MVPs, customers, and practitioners to share hands-on experience with data security, compliance, and governance in Microsoft 365.

Shadow AI Governance: You Can’t Stop AI. But You Can Control the Risk

Posted on 31 May 2026Updated on 31 May 2026by Nikki Chapple

Shadow AI governance is now a critical challenge for organisations.

Shadow AI is already inside your organisation.

Employees are using AI tools every day to summarise documents, improve emails, analyse spreadsheets, generate presentations, and draft proposals. Most are not trying to break policy. They are trying to work faster and smarter.

That is exactly what makes Shadow AI such a serious governance risk.

This is no longer a question of whether AI is being used at work. It is a question of whether your organisation has visibility into which AI tools are in use, what data is being shared, and which controls are in place to reduce risk.

The urgency is real. Microsoft’s 2026 Data Security Index report says that 32% of surveyed organisations’ data security incidents involve the use of generative AI tools, while only 47% of surveyed organisations are implementing controls focused on generative AI workloads. More than 80% of surveyed organisations are implementing or developing Data Security Posture Management strategies to improve visibility and governance.

AI adoption is accelerating.

Governance is still catching up.

This article explains the practical control model I use with organisations to understand Shadow AI risk, improve visibility, and apply effective governance at scale.

How to Govern Shadow AI with Microsoft Purview, Defender and DSPM

Posted on 31 May 2026Updated on 31 May 2026by Nikki Chapple

Most organisations are already dealing with Shadow AI, whether they realise it or not.

Employees are using ChatGPT, Claude, Gemini, AI-powered browser extensions, meeting assistants, coding tools, and countless other generative AI services to work faster.

The challenge is not stopping people from using AI.

The challenge is governing where organisational data goes.

In my previous article, Shadow AI Governance: Why You Must Control AI Data Risk In Microsoft 365 I explained why Shadow AI has become one of the fastest-growing data security challenges facing IT and security teams.

This article focuses on the next question:

How do you actually govern it?

Microsoft recently published a deployment model called Prevent Data Leak To Shadow AI, which combines Microsoft Purview, Microsoft Defender for Cloud Apps, Microsoft Entra, and Microsoft Intune into a unified approach for managing AI risk.

Microsoft’s guidance is excellent.
But in practice, I simplify it into two control layers:

Control the Apps
Control the Data

Everything else supports these two decisions.

Because successful AI governance is not about blocking AI.
It is about enabling AI safely.

You cannot stop users using AI.
But you can control what happens to your data.

How To Apply Container Sensitivity Labels at Scale in Microsoft 365

Posted on 16 May 2026Updated on 31 May 2026by Nikki Chapple

Introduction: Oversharing Does Not Start With Files

How to apply sensitivity labels at scale to existing Microsoft 365 Groups, Microsoft Teams and SharePoint sites is one of the most common follow-up questions I receive when discussing container sensitivity labels.

If your environment only contains a small number of workspaces, applying labels manually is manageable.

However, most organisations operate at scale. Hundreds or even thousands of Microsoft 365 Groups, Microsoft Teams and SharePoint sites already exist.

This is where governance becomes inconsistent and risky.

In this post, I show how to:

✅ Analyse your existing environment
✅ Identify oversharing risk
✅ Apply container sensitivity labels at scale using PowerShell

The goal is not just automation.

It is to apply consistent, risk-based governance and reduce oversharing in Microsoft 365 and Copilot environments.

This approach ensures you can apply container sensitivity labels at scale across existing Microsoft 365 environments in a consistent and controlled way.

How to Deploy Microsoft Purview DLP for Copilot and Generative AI

Posted on 16 May 2026Updated on 20 May 2026by Nikki Chapple

Organisations adopting Microsoft 365 Copilot and generative AI are facing a common challenge. Data is no longer static. It is constantly moving, reused, and now being surfaced and generated by AI.

This changes the risk profile.

The questions I hear most often are:

What are the real data security risks with AI?
Which controls actually make a difference?
How do we deploy them effectively in Microsoft Purview?

This guide builds on my ECS 2026 session and focuses on the controls that provide the greatest practical value. It cuts through the noise and shows how to use Microsoft Purview DLP for Copilot and generative AI, with a practical approach to reducing real-world data leakage risk across both internal and external AI tools.

Container Sensitivity Labels: The Purview “Hack” That Fixes Copilot Oversharing Fast

Posted on 16 May 2026Updated on 31 May 2026by Nikki Chapple

Introduction: Oversharing Starts Before a Single File Exists

Copilot oversharing is one of the most misunderstood risks in Microsoft 365. In reality, it often starts before a single file is uploaded.

It begins when Microsoft Teams, SharePoint sites, and Microsoft 365 Groups are created using generic tenant-wide defaults.

In an AI-enabled world, those overly permissive defaults become significantly more dangerous because Microsoft 365 Copilot operates within existing permissions.

Copilot does not create access.

It reveals it.

How to Configure Container Sensitivity Labels in Microsoft Purview (Step-by-Step)

Posted on 15 May 2026Updated on 16 May 2026by Nikki Chapple

Microsoft Purview container sensitivity labels allow organisations to apply consistent, risk-based collaboration and access controls across Microsoft Teams, Microsoft 365 Groups, and SharePoint sites without relying on manual decisions at the point of creation.

Instead of users or administrators deciding security settings each time a workspace is created, container sensitivity labels enforce governance automatically based on collaboration risk.

This is one of the most effective ways to reduce Microsoft 365 Copilot oversharing risk because Copilot surfaces only what users already have access to.

If access controls are overly broad, AI exposure becomes overly broad.

This guide focuses specifically on implementation:

✅ How to configure Microsoft Purview container sensitivity labels
✅ How to apply risk-based collaboration controls
✅ How to govern guest access and sharing consistently
✅ How to integrate with Microsoft Entra Conditional Access
✅ How to operationalise secure-by-default collaboration governance