What’s new
Palo Alto Networks has announced that its Cortex Cloud Data Security Posture Management (DSPM) platform now supports the detection and use of Microsoft Purview Information Protection (MPIP) sensitivity labels. This update enables organizations to view, analyze, and leverage MPIP labels for files stored across any cloud environment, extending beyond Microsoft’s own ecosystem to platforms like Amazon Web Services (AWS), Google Cloud, and various SaaS applications.
Why it matters
As organizations increasingly rely on cloud storage and productivity tools, sensitive data is often dispersed across various files and platforms. MPIP sensitivity labels, commonly used within Microsoft’s productivity suite, help classify documents and enforce data protection policies. By integrating these labels into Cortex Cloud, security teams gain enhanced visibility and control over sensitive information, regardless of where files reside. This development addresses a critical need to bridge gaps in labeling strategies, enforce consistent protection policies, and reduce the risk of accidental data exposure or compliance violations.
Details
- Comprehensive Label Detection: Cortex Cloud DSPM now identifies and catalogs MPIP labels embedded in file metadata, even if files are stored outside of Microsoft environments, such as on AWS S3 or Google Cloud Storage.
- Label-Driven Policy Enforcement: Organizations can define security policies and automated playbooks based on the sensitivity levels assigned by MPIP labels, enabling real-time risk detection and mitigation.
- Cross-Validation with Automated Classifiers: The platform not only reads existing labels but also scans file contents using both prebuilt and custom classifiers. This allows security teams to compare the intended classification (label) with the actual data detected, identifying mislabeling or gaps in policy enforcement.
- Integration with Security Workflows: MPIP label awareness is now available throughout Cortex Cloud, supporting remediation workflows, Cloud Infrastructure Entitlement Management (CIEM), and broader security operations.
- Visibility Across the Data Lifecycle: Security teams can track sensitive files as they move between environments, helping prevent inadvertent exposure, such as when labeled documents are used in AI training datasets or shared externally in violation of policy.
Background
MPIP sensitivity labels are a cornerstone of Microsoft’s data protection strategy, allowing users to manually or automatically classify documents based on their sensitivity. These labels are embedded in file metadata and persist regardless of where the file is stored, forming the basis of data loss prevention (DLP) policies within Microsoft 365 applications. However, as organizations adopt multi-cloud strategies, the effectiveness of these labels has been limited by their visibility outside the Microsoft ecosystem.
Cortex Cloud DSPM already provides continuous scanning and classification of files across cloud environments. The new capability to detect and utilize MPIP labels bridges the gap between manual labeling practices and automated content analysis, empowering organizations to make better-informed decisions about data security and compliance.
What’s next
Support for MPIP sensitivity labels is now available within Cortex Cloud DSPM. Palo Alto Networks encourages organizations to contact their account managers for further information or to arrange a customized demonstration. As organizations seek to unify data protection strategies across increasingly complex cloud landscapes, further enhancements to label integration and automated policy enforcement are likely to follow.
Source: Original source