MC305453: Microsoft Information Protection: Public preview of new roles and role groups for granular permissions management

We’re releasing new roles and role groups to allow granular permissions to manage Information Protection and Data Loss Prevention (DLP) within the Microsoft 365 compliance center. This message is associated with Microsoft 365 Roadmap ID 88531.

When this will happen

Rollout will begin in early January and is expected to be complete by early February 2022.

How this will affect your organization

The following new roles are being introduced in public preview:

• Information Protection Admin: Create, edit, and delete DLP policies, sensitivity labels and their policies, and all classifier types. Manage endpoint DLP settings and simulation mode for auto-labeling policies.
• Information Protection Analyst: Access and manage DLP alerts and activity explorer. View-only access to DLP policies, sensitivity labels and their policies, and all classifier types.
• Information Protection Investigator: Access and manage DLP alerts, activity explorer, and content explorer. View-only access to DLP policies, sensitivity labels and their policies, and all classifier types.
• Information Protection Reader: View-only access to reports for DLP policies and sensitivity labels and their policies.

The following new role groups are being introduced in public preview:

• Information Protection: Full control over all information protection features, including sensitivity labels and their policies, DLP, all classifier types, activity and content explorers, and all related reports.
• Information Protection Admins: Create, edit, and delete DLP policies, sensitivity labels and their policies, and all classifier types. Manage endpoint DLP settings and simulation mode for auto-labeling policies.
• Information Protection Analysts: Access and manage DLP alerts and activity explorer. View-only access to DLP policies, sensitivity labels and their policies, and all classifier types.
• Information Protection Investigators: Access and manage DLP alerts, activity explorer, and content explorer. View-only access to DLP policies, sensitivity labels and their policies, and all classifier types.
• Information Protection Readers: View-only access to reports for DLP policies and sensitivity labels and their policies.

What you need to do to prepare

• This update will not impact your current configurations. You may opt to use the new roles and role groups at your discretion.

Learn more

• Microsoft Information Protection in Microsoft 365

Message ID: MC305453
Published: 15 December 2021
Updated: 15 December 2021
#NewFeature #AdminImpact
Stay Informed