☕ SharePoint Tip #9 — Sensitivity Labels and DLP: protecting your content

Posted on by

Good morning! Here is your 15-minute SharePoint tip for today.

Day 9 | Week 2 — Administration & Security

Sensitivity Labels and DLP Policies

Two of Microsoft Purview’s most important features for SharePoint — Sensitivity Labels protect content, DLP policies prevent accidental data leakage.

Sensitivity Labels

A Sensitivity Label is a tag you apply to a file or site that enforces protection rules. Labels are defined by your compliance team and flow from Microsoft Purview.

Example labels an organisation might use:

  • Public — no restrictions
  • Internal — accessible to all employees, not external
  • Confidential — encrypted, external sharing blocked
  • Highly Confidential — encrypted, access limited to specific groups

When a label is applied to a SharePoint site, it sets the privacy (public/private), external sharing policy, and unmanaged device access for that entire site automatically. When applied to a file, it encrypts the file so only authorised users can open it — even if the file is downloaded or forwarded.

Data Loss Prevention (DLP) Policies

A DLP policy automatically detects sensitive content and takes action to prevent it from being shared inappropriately.

Examples of what DLP can detect:

  • Credit card numbers
  • Passport or national ID numbers
  • NHS/Social Security numbers
  • Custom sensitive data patterns your organisation defines

When SharePoint detects a match, it can:

  • Show a policy tip to the user ("This file appears to contain sensitive data")
  • Block sharing of the file externally
  • Notify a compliance officer for review
  • Quarantine the file

Try it today (5 minutes)

Go to compliance.microsoft.comData loss prevention → Policies. Even if you don’t have permission to edit, you can view what DLP policies are already in place across your SharePoint tenant. Understanding what’s already being protected is essential for a Product Owner.

As a Product Owner

Sensitivity labels and DLP are not just IT concerns — they directly affect the user experience. A DLP policy that is too aggressive will block legitimate sharing and cause support tickets. Your role is to balance protection with usability, and to communicate clearly to users why certain content is restricted.

See you tomorrow at 6:00 AM with Tip #10 — Retention Policies, Backup and Restore!