Now rolling out to public preview, we’re adding new Sensitive Information Types (SITs) to allow your organization to detect credential patterns (such as access keys, tokens, general passwords), as either individual patterns for specific detection or a bundle of all credential patterns for holistic detection. This message is associated with Microsoft 365 Roadmap ID 88941.
The addition of new Credential Sensitive Information Types (SITs) will allow your company to detect individual credential patterns (access keys, tokens, general passwords, etc.). Additionally, we will be offering a SIT which bundles all individual credential types for more holistic detection.
When this will happen
Public preview rollout is underway and is expected to be complete within the next couple of business days.
How this will affect your organization
We are rolling out 42 new SITs (preview) that enable organizations to identify, classify, and protect credentials found in documents across their data landscape. These new credential SITs will be visible in Content explorer and Activity explorer, enabling admins to locate documents that contain sensitive credentials and identify activity involving the use of this credential data within their environment.
In the Microsoft Purview compliance portal, these new credential SITs can be added to solutions such as auto-labeling and DLP policies to quickly and accurately detect and classify complex digital authentication credentials, such as user credentials (username and passwords), default passwords, and Azure cloud resources (e.g., Storage Account Keys, SQL Server Connection Strings, and SAS). Note: For the public preview of this feature, only server-side auto-labeling policy authoring with Credential SITs will be supported; availability of client-side auto-labeling support will be communicated at a future date.
Detection of general passwords using Credential SIT
This update also includes new SITs for credentials used to access cloud development resources, for services including Amazon, GitHub, Slack, Google, and more.
List of all 42 new SITs
What you need to do to prepare
Access the Information Protection solution in the Microsoft Purview compliance portal.
Message ID: MC402123
Published: 19 July 2022
Updated: 19 July 2022