Regaining Control Over Unmanaged GenAI Apps: New Microsoft Purview Enhancements in Edge

Many organizations are growing increasingly concerned about the widespread use of unsanctioned Generative AI (GenAI) tools. These apps, often accessed through unmanaged browsers, pose significant risks to data security and compliance. To help with this, Microsoft is now updating some features in  Microsoft Purview that will enhance policy enforcement for unmanaged cloud apps accessed via the Edge browser.  What’s Changing? Previously, enforcing Purview Data Loss Prevention (DLP) and Collection policies required manual creation of Edge configuration policies. These policies were often complex and needed to be scoped correctly to block unsupported browsers or apply protections. With this update, Microsoft automates much of that process: Collection Policies now apply directly within Edge without needing a separate blocking configuration. DLP Policies automatically generate Edge configuration policies that align with the scope of the DLP rules. DLP policies can operate in two mode...

A few examples from get-userandpolicy

A couple of days ago I released the get-userandpolicy script, and I thought I give a few examples of how it can be used.

It's not a very complicated script, but it gave me an output I could not get in a simple way from the Lync server CSCP.

Example 1)
Q - How many policies do I have of a certain type?
A - Get-Cs........Policy will give you an answer, or use my script with a named switch to identify the number. No need to remember all the different policies, just TAB (auto complete) your way through the valid options.



Example 2) 
Q - How many policies do I have, and how many users are assigned to each policy
A - Not so easily identified through CSCP, possible with filters in powershell, or use the script in the following way.


Example 3)
Q - Now that I know how many policies I have, and what they are called, how do know which users have been assigned to these policies?
A - Simple, memorize the different powershell commands, or run the script with the -listuser switch. Then use the powerful filters of gridview to identify whatever user/policy combination you seek.