Share via

Use Data Security Posture Management analytics (preview) trends and reports

  • Article

Data security posture management (DSPM) (preview) analytics trends and reports help provide a quick view into the unprotected and protected sensitive assets and potentially risky user activities in your organization.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview trials hub. Learn details about signing up and trial terms.

Working with reports

For each report, use the following features to help filter, review, evaluate, and export DSPM insights:

  • Charts: Hover on specific areas of report information for metrics and more details about insights.
  • Customize columns: Select Customize columns to add or remove columns and associated information from a report.
  • Export: Select Export to create a .csv file that contains the values included in a report.

Analytics reports

  • Unprotected sensitive assets across data sources: This report displays the location of sensitive assets containing one or more classifiers (sensitive information types, exact data match classifiers, trainable classifiers) and:

    • Aren't protected by a data loss prevention (DLP) policy that restricts exfiltration activities.
    • Don’t have a sensitivity label applied that controls access.

  • Users performing top risk-related activities on unprotected sensitive assets: This report displays the number of users flagged by insider risk management (departing users, potentially disgruntled users, high risk users, potential high impact users, potentially risky users) who recently performed activities containing sensitive assets that:

    • Contain any type of classifier (sensitive information types, exact data match classifiers, trainable classifiers) that aren't protected by a DLP policy that blocks access or don't have a sensitivity label applied that control access.

Trends are available on the Overview page and help highlight the recent history of sensitive data assets and user activities in your organization. Trends can help you monitor your data security posture over time and track the status of protected assets. Hover over specific points in the trends to view details about that point in time or area.

  • Sensitive assets labeled (automatically + manually): Percentage of assets per week that had sensitivity labels applied, either manually or by users or automatically by auto-labeling policies.
  • Sensitive assets protected by at least one DLP policy: Percentage of sensitive assets in your organization that contain any type of classifier (sensitive information types, exact data match classifiers, trainable classifiers) and are being protected by at least one DLP policy.
  • Potentially risky users: Number of users per week who were assigned insider risk severity levels (Low, Medium, High) based on activity detected by insider risk management policies.