Expert analysis from ITC’s Microsoft MVP
The recent announcements at Microsoft Ignite 2025 have highlighted some valuable observations.
As the industry transitions from focusing solely on artificial intelligence and learning models to an era of agentic agents, there is significant potential for increased productivity. However, it’s imperative that organisations continue to carefully consider the data used to ground these agents, as well as the mechanisms governing access to that data. Past experiences have demonstrated the critical importance of securing data both at rest and wherever generative AI systems may access it.
Following my attendance this year, I’ve put together a summary of the most important announcements for security, compliance and identity, and what they will mean for your business.
Microsoft Purview: Enhanced Data Security and Governance for the AI Era
Microsoft Purview introduces AI-powered data security and compliance capabilities to address risks in an era of agentic AI. Key enhancements include:
- Data Security Posture Management (DSPM): A unified view of risks across data at rest, in transit, and user interactions. This means organisations won’t need to stitch together multiple tools. Originally, this tooling was only for AI services but has now been expanded to all data Purview has access to.
- Adaptive Protection: Dynamic enforcement of policies based on real-time risk signals.
- Data Security Investigations: A new AI-powered feature leveraging large language models (LLMs) to help security teams investigate data risks and insider threats faster.
- Expanded Insider Risk Management: Tailored for generative AI usage, helping to detect and mitigate misuse of sensitive data by employees or AI agents.
- Improved Visibility and Controls: Enhanced dashboards for compliance officers and CISOs to monitor sensitive data flows across AI workloads.
Why it matters: AI adoption introduces new attack surfaces and compliance challenges, Purview’s enhancements will help organisations:
- Prevent data leakage in AI-driven workflows.
- Maintain regulatory compliance without slowing innovation.
- Investigate and remediate risks faster using AI-driven insights.
- Govern sensitive data consistently across hybrid and multi-cloud environments.
How ITC can help: ITC’s Cloud Security team can help with the onboarding and setup of Microsoft Purview to identify data Microsoft Copilot can access. ITC can also implement safeguards to prevent Copilot from grounding on sensitive information and protect against data leaks through channels like email and USB drives.
Microsoft Agent 365: AI Agent Governance
Agent 365 is Microsoft’s centralised control plane for managing AI agents across the enterprise, providing:
- Agent Registry: Visibility into all AI agents in use.
- Access Control: Integration with Microsoft Defender, Entra, and Purview for secure identity and compliance.
- Relationship Mapping: Visualises agent interactions and dependencies.
Why it matters: AI agents are powerful but can introduce “Shadow AI” risks if unmanaged. Agent 365 ensures governance, compliance, and security for AI-driven workflows, reducing exposure and enabling safe innovation.
How ITC can help: Monitor Microsoft Agent 365’s updates and recommend configurations to minimise risks from agentic agents.
Unified Security Posture Management
As Microsoft security services transition into a unified portal (Defender XDR), there’s now deeper integration with Defender for Cloud. Key additions include:
- Cloud Security Dashboard: View the status of cloud infrastructure across Azure, AWS, and GCP.
- Cloud Assets: Access your Key Vaults, Storage Accounts, and other deployed resources under Assets > Cloud Infrastructure in the XDR portal. This provides a central location to track assets and assess their security posture.
- Granular RBAC: The integration extends to the Defender XDR Unified RBAC model, so security analysts and resource owners see only the information relevant to them in the portal.
Why it matters: Security Operations Centre (SOC) analysts and teams can consolidate all necessary data into one place. Visualisations help prioritise critical recommendations and vulnerabilities for timely resolution, while granular RBAC restricts access to what each team needs.
How ITC can help: ITC can support you by reviewing the latest insights within your Defender XDR portal, offering practical recommendations and quick wins to strengthen your security posture and ensure the RBAC settings match the requirements aligned to your team’s needs.
Microsoft Edge for Business: A Secure AI Browser for BYOD
Microsoft Edge for Business now incorporates advanced enterprise AI capabilities, such as Copilot Mode and Agent Mode, alongside Zero Trust security and comprehensive data protection policies. This browser is engineered to enhance both productivity and compliance, even when utilised on personal devices.
Traditionally, supporting personal and unmanaged devices has posed significant challenges for IT teams. Edge for Business addresses these challenges through robust native data protection and context-aware security controls:
- Intune health checks ensure that only devices meeting compliance standards can access corporate resources.
- Purview data security policies extend coverage to BYOD environments, applying tailored controls according to the sensitivity of information.
- Inline AI protection blocks the submission of sensitive data to consumer AI applications such as ChatGPT or Gemini, thereby mitigating the risk of unintended data disclosure.
Why it matters: Balancing flexibility with security remains a core challenge in BYOD contexts. Edge for Business addresses this by enforcing Intune compliance, implementing Purview data loss prevention, and preventing the transmission of sensitive data to public AI tools, all whilst empowering employees to operate securely with AI-driven workflows. These features facilitate easier configuration and greater adaptability, particularly when collaborating with third parties using their own devices.
How ITC can help: ITC can assess your organisation’s requirements and use cases related to BYOD, providing design configurations and recommendations to strengthen your security with minimal impact to user productivity in relevant scenarios.
Next steps
Based on the insights shared at Microsoft Ignite, it’s clear that organisations should begin by evaluating key security measures and strategies to effectively implement agentic technologies while ensuring robust protection of the underlying data.
Whether you’re just starting your AI journey or looking to enhance existing security controls, get in touch to discuss how these security innovations align with your business objectives. ITC is a Microsoft Solutions Partner, schedule a 1:1 session with a Microsoft expert here.
