·Updated 14 July 2026·4 min read

Secure AI Adoption in PurLayer: Aligned to Microsoft's New DSPM

AI governance moved fast, and so did Microsoft. The standalone "DSPM for AI" is now the classic experience, superseded by a unified Data Security Posture Management that governs AI apps and agents alongside the rest of your data estate. PurLayer's Secure AI Adoption objective reflects that shift.

From DSPM for AI to a Unified DSPM

When most governance guidance was written, the AI conversation started and ended with Microsoft Copilot, and Microsoft addressed it with a dedicated solution called DSPM for AI. That is no longer how Microsoft frames the problem. Employees paste sensitive data into ChatGPT, Google Gemini and other consumer AI tools, often from unmanaged browsers, so AI risk cannot be treated as a silo separate from the rest of the data estate.

Microsoft has responded by replacing the standalone experience. The original DSPM for AI is now labelled "classic" and no longer receives new features. It has been superseded by a unified Data Security Posture Management (DSPM) that discovers, protects and investigates sensitive data across both traditional and AI workloads in one place, spanning Microsoft 365, Azure and Fabric, and extending to third-party SaaS platforms such as Google Cloud, Snowflake and Databricks. PurLayer's Secure AI Adoption objective was updated to reflect this consolidated model.

What the Updated Objective Covers

The new DSPM is organised around data security objectives — outcome-focused workflows such as "Prevent data exposure in Microsoft 365 Copilot interactions", "Prevent oversharing of sensitive data" and "Prevent exfiltration to risky destinations". PurLayer's Secure AI Adoption objective mirrors that outcome-led structure rather than a generic "turn on Copilot policies" recommendation.

  • AI app and agent discovery: surfacing which AI apps and agents are actually in use, across Copilot experiences, enterprise AI apps such as ChatGPT Enterprise, and third-party consumer AI, via AI observability and the Apps and agents inventory
  • Sensitive data visibility: using Activity explorer to identify sensitive or regulated data referenced in AI prompts and responses before it becomes an exposure
  • Data risk assessments: the automatic weekly assessment of top SharePoint sites, plus custom assessments, to find and remediate oversharing that generative AI can amplify
  • One-click and recommended policies: closing gaps with suggested DLP, Insider Risk Management and information protection policies drawn together in one workflow
  • Copilot-aware DLP: using Data Loss Prevention to stop Microsoft 365 Copilot and agents from summarising items carrying selected sensitivity labels
  • Browser and network coverage: the Purview browser extension, device onboarding and network data security to detect sensitive information shared with third-party AI sites, with auditing across AI interactions

Consistent and Licence-Aware

Because Secure AI Adoption lives in the shared strategy catalogue, it behaves the same way across Professional and Partner plans. It is also licence-aware, so a strategy only recommends the controls a client can actually deploy under their licensing, whether that is Microsoft 365 E5, the Purview Suite, Copilot or a combination.

The result is an AI governance story you can stand behind in front of a client or a board, grounded in the unified DSPM model Microsoft ships today rather than the classic AI-only experience it has since superseded.

Try It on Your Own Sector

The updated Secure AI Adoption objective is available now for every sector on Professional and Partner plans. Pick your sector, choose Secure AI Adoption and generate a strategy to see the unified DSPM approach applied to your regulatory context.

Explore PurLayer plans or see the Partner Program for white-label client delivery.

PurLayer generates sector-specific, regulation-verified Microsoft Purview strategies for architects, InfoSec engineers and compliance teams. Secure AI Adoption now follows Microsoft's unified DSPM approach across Professional and Partner plans. Get started.