22-March-2026 Below you will find a collection of news published yesterday. This news consists of Microsoft’s Roadmap when it is updated it will be below with items. Then there will be a section with the message center, if there is anything new there, this will be automatically included. And it contains a piece from blogs that I follow myself and would like to share with you. If I miss something in the blogs that do have an RSS feed, please let me know.
This entire post was automated via Microsoft Flow
have fun reading!
Items from the MessageCenter in Microsoft 365
| Microsoft Purview DLP: Unmanaged cloud app discovery and protection with Microsoft Purview and Palo Alto Prisma AccessCategory:Microsoft PurviewNummer:MC1257999Status:planForChange | [Introduction]
Microsoft Purview network data security now integrates with Palo Alto Prisma Access, extending discovery and protection to network traffic. With this integration, new and existing Palo Alto Prisma Access customers can configure Microsoft Purview collection and data loss prevention policies to discover and protect sensitive data shared with unmanaged cloud apps via HTTP/HTTPS, using the same classifiers, sensitive information types, and sensitivity labels used in other Purview policies. This integration also further enriches Purview Data Security Posture Management (DSPM), Insider Risk Management (IRM), enables data security & compliance for AI interactions, and more.
This message is associated with Microsoft 365 Roadmap ID 558939.
[When this will happen:]
- Public preview: We will begin rolling out in mid-April 2026 and expect to complete by mid-May 2026.
- General availability: We will begin rolling out in late October 2026 and expect to complete by late November 2026.
[How this affects your organization:]
Who is affected:
- Organizations using Microsoft Purview.
- Customers using or planning to use Palo Alto Prisma Access.
- Microsoft 365 administrators managing Purview collection and DLP policies.
What will happen:
- The Palo Alto Prisma Access integration will automatically appear in the Purview DLP Security Store as the feature rolls out.
- The integration is not enabled by default. Administrators must explicitly enable it before it can be used in policies.
- Once enabled, administrators can use existing or new Purview collection and DLP policies to inspect and protect data detected through Palo Alto Prisma Access network traffic.
- Existing network data security collection and DLP policies will automatically apply after the integration is enabled.
- There is no impact to users unless administrators enable the integration and configure network data security policies in Microsoft Purview.
[What you can do to prepare:]
- Confirm that Purview pay-as-you-go is enabled and configured for your tenant, as it is required to use this integration. Learn more: Enable Microsoft Purview pay-as-you-go features for new customers.
- Review your existing Purview collection and DLP policies to identify where network-based data inspection may be appropriate.
- Inform other data security and compliance administrators in your organization about this upcoming capability.
- After rollout, enable the Palo Alto Prisma Access integration from the Purview DLP Security Store when you are ready to use it.
Learn about Microsoft Purview Network Data Security [Compliance considerations:]
| Area |
Explanation |
| Does the change alter how existing customer data is processed? |
Network traffic inspected by Palo Alto Prisma Access can be evaluated by Microsoft Purview DLP policies once the integration is enabled by an administrator. |
| Does the change modify Purview DLP policies or enforcement? |
Existing Purview DLP and network data security policies can be applied to network-based data flows through Palo Alto Prisma Access. |
| Does the change alter how admins can monitor or report on compliance activities? |
Admins can monitor network-based data inspection and policy enforcement through existing Purview reporting and dashboards. |
| Does the change add an integration with third-party software? |
This feature integrates Microsoft Purview with Palo Alto Prisma Access. |
| Does the change include an admin control? |
The integration is disabled by default and must be explicitly enabled by administrators in the Purview DLP Security Store. |
|
| Microsoft Purview: Data Security Investigations – analyze files tied to endpoint DLP alertsCategory:Microsoft PurviewNummer:MC1258000Status:stayInformed | [Introduction] We’re introducing endpoint Data Loss Prevention (DLP) events as a queryable data source in Data Security Investigations (DSI) in Microsoft Purview. With this update, administrators can build endpoint DLP queries directly in DSI using filters such as date range, and DSI will automatically pull files associated with those events into the investigation for analysis. This integration helps security teams examine endpoint DLP activity at scale, reducing time and effort spent triaging individual alerts and improving the ability to identify patterns and potential data exfiltration scenarios. This message is associated with Microsoft 365 Roadmap ID 558547. [When this will happen] - Public Preview: Rollout begins in late April 2026 and completes in mid‑May 2026.
- General Availability (Worldwide): Rollout begins in mid‑May 2026 and completes in mid‑May 2026.
[How this will affect your organization] Who is affected Admins and security investigators using Data Security Investigations (DSI) and endpoint Data Loss Prevention (DLP) in the Microsoft Purview compliance portal. What will happen - A new Endpoint DLP tab will appear in the DSI search experience, alongside the existing Query Builder and Audit tabs.
- Admins and investigators can query endpoint DLP events using date range filters (additional filters coming soon).
- Files associated with matching endpoint DLP events will be automatically added to the investigation scope for analysis using DSI’s AI‑powered tools.
- This feature will appear automatically for eligible tenants when rollout completes. No admin action is required to enable it.
- There is no user impact.
[What you can do to prepare] No action is required. Optionally, you may: - Review how endpoint DLP query capabilities work within DSI.
- Update internal documentation for alert triage and investigation workflows, if applicable.
- Inform security teams and endpoint DLP administrators about this new capability.
Learn more: [Compliance considerations] | Question | Answer | | Does the change alter how existing customer data is processed, stored, or accessed? | Yes. Endpoint DLP event data becomes queryable in DSI, and associated files are automatically collected into investigations for analysis. | | Does the change introduce or significantly modify AI/ML capabilities that interact with customer data? | Yes. DSI’s existing AI‑assisted investigation tools will now analyze files gathered through endpoint DLP queries. | | Does the change modify how admins can monitor, report on, or demonstrate compliance activities? | Yes. Admins gain new ways to surface, query, and analyze endpoint DLP signals within DSI. |
|
| Take Action: Out-of-band update released to address an issue signing in to apps with a Microsoft accountCategory:WindowsNummer:MC1258087Status:preventOrFixIssue | Microsoft has identified an issue affecting signing in to apps using a Microsoft account. After installing the March 2026 Windows security update, some users might be unable to sign in to Microsoft apps and services. During sign‑in, users might see a “no internet” error even when the device has a working internet connection. This issue affects only Microsoft account sign‑in scenarios; organizations using Microsoft Entra ID for app authentication are not affected.
An out-of-band (OOB) update was released today, March 21, 2026, to address this issue. This cumulative update includes all protections and improvements from the March 2026 Windows security update released March 10, 2026.
This OOB update is available for Windows 11, versions 25H2 and 24H2 devices that receive standard Windows updates. It can be installed through Windows Update or the Microsoft Update Catalog. For more information, refer to the KB article KB5085516 (OS Builds 26200.8039 and 26100.8039) Out-of-band. |
