
Guardians of M365 Governance: DSPM for AI Deep Dive with Microsoft’s Erica Toelle

Welcome back to another episode recap from the Guardians of M365 Governance monthly webcast! Christian Buckley and Ragnar Heil were joined by Microsoft’s Erica Toelle for an eye-opening discussion about Data Security Posture Management for AI.

The Setup: Post-Vacation Vibes and Big Announcements

Christian kicked things off with his usual energy, welcoming everyone back after what felt like “the longest month ever” – though Ragnar was quick to correct him that it had been exactly four weeks since their last show. Ragnar, fresh from a relaxing Spanish vacation filled with beach time, good food, and siestas, was clearly recharged and ready to dive into the governance deep end.
The big milestone? This marked their 20th episode of the series, and what better way to celebrate than bringing back former MVP turned Microsoft insider, Erica Toelle.

Meet the Guest: Erica Toelle’s Expanded Role

Erica joined the show with some interesting updates about her role at Microsoft. While she still covers records management (her original domain), her primary focus has shifted to Microsoft Purview plus M365 Copilot and Copilot agents. As she put it, “It’s been at least a year” since her last appearance – time really doesn’t matter much anymore in the fast-paced world of AI governance.

The timing couldn’t be better, given the wave of updates following Microsoft’s M365 conference in May and the spotlight on AI-powered services.

The Big Question: How Has Purview’s Role Changed?

Christian posed the million-dollar question that’s on every IT administrator’s mind: “How would you describe the shift in Purview’s role as organizations start adopting AI tools like Copilot?”
Erica’s response was refreshingly straightforward: “Microsoft Purview has always been about protecting data sources – SharePoint, unstructured databases, M365 content. The evolution isn’t about changing the mission; it’s about expanding to new content types: AI interactions, prompts, and responses.”

Real Talk: What Customers Are Actually Worried About

Both Christian and Ragnar shared insights from their client work, and the patterns are telling:

Ragnar’s Perspective: The Agent Game-Changer
“In the last year or two, we delivered a lot of M365 Copilot workshops where they only could access Exchange, OneDrive, SharePoint, Teams. Now with agents, it’s different because they can access other tools with very sensitive data – ERP, CRM, HR systems.”

The concerns have evolved:

  • Who can create agents?
  • What data should and shouldn’t be accessible?
  • Operational excellence: Are agents running properly or just burning budget?
  • Access rights and permissions (the eternal governance challenge)

The Governance Awakening
Here’s the plot twist that had both hosts excited: Customers are now coming to them asking for governance help. As Ragnar noted, “That’s something different compared to last year where we had to push why governance is important. Now they ask us, ‘Please help us with governance.'”

The Shadow AI Reality Check

Christian brought up the elephant in the room: Shadow AI. Are unsanctioned AI tools sneaking into organizations?

Erica’s take: “It’s not any different than concerns about any Shadow IT app over the years.” The solution isn’t panic – it’s proper tooling:

  • Device management policies
  • Microsoft Defender for Cloud Apps for firewall-level monitoring
  • Purview Endpoint DLP to control sensitive data usage with external AI tools

The key insight? You can let people access external AI apps while preventing them from using sensitive data with those tools.

The Star of the Show: DSPM for AI

The conversation’s highlight was Ragnar’s live demo of the newly rebranded Data Security Posture Management (DSPM) for AI platform (formerly known as AI Hub).

What’s New Beyond the Rebrand?

This isn’t just cosmetic surgery. The platform now includes a dedicated “Apps and Agents” section that monitors:

  • ChatGPT Enterprise (yes, third-party AI!)
  • Microsoft Fabric
  • Security Copilot
  • Copilot Studio agents
  • Azure AI agents

The Dashboard That Changes Everything


Ragnar walked through his demo environment, showing off the rich analytics:

  • Six different analytical views: User analytics, interaction analytics, risk and compliance
  • Granular policy tracking: 10 data protection policies, 9 compliance policies
  • Risk assessment: Very sensitive responses, risky prompts, policy triggers
  • Usage metrics: Total prompts, response activities, daily peaks

The wow moment? You can export everything as CSV for further analysis – something governance professionals have been begging for.

The German Workers Council Dilemma

One of the most practical moments came when Ragnar shared a real customer scenario from a recent data security workshop. The customer loved seeing that medical data was being detected in AI interactions, but they hit a wall:

“We don’t want to go into Communication Compliance because we’ll get major pushback from the German workers council and data protection people. We see information about medical data, but we don’t know what’s inside, and we don’t want to speculate.”
Erica’s solution was brilliant: The platform provides multiple levels of detail. You can see sensitive information types detected without diving into the actual content. Click deeper for interaction data, view referenced files, see sensitivity labels – but you control how deep your team can go based on permissions.

Security Copilot: AI for AI Governance

The conversation took an exciting turn when Christian asked about “admin Copilot” – AI to help with governance tasks. Plot twist: It already exists!
Security Copilot provides AI-powered assistance for security admins, and it integrates Purview data. Ragnar demonstrated how you can search for “Purview” within Security Copilot and find dedicated agents for triaging alerts and managing governance tasks.

As Erica teased: “Stay tuned for Ignite” – clearly, more announcements are coming.

The Microsoft Strategy: End-to-End Security Platform

When Christian asked about Microsoft’s positioning of Purview as a central governance platform across environments, Erica was clear about the vision:

“We wanna be the end-to-end security platform. We can’t have vendor silos anymore. People have limited resources. We need solutions that work across platforms and clouds because ultimately, the goal is to be secure.”

The Money Quote

If you take away one thing from this episode, let it be Erica’s closing statement:

“If you actually wanna get the benefits of using generative AI with your organizational data, you can’t have management of sensitive data be an all-or-nothing on-off switch. You need granular controls for different categories of sensitive data – PII versus merger data versus confidential data. That’s where Purview really stands out.”

What’s Next?

The hosts wrapped up with excitement about upcoming guests, including Sue Hanley joining the September episode. They’re always looking for more governance experts to join the conversation – whether you’re from a product company or you’re an expert in the field.

The Bottom Line

Missed the live show? Catch up with the Guardians of M365 Governance monthly webcast and join the conversation about the rapidly evolving Microsoft 365 governance landscape.

Next episode: Sue Hanley joins Christian and Ragnar for September’s discussion. Got governance questions or want to be a guest? Reach out to the team – they’re pretty good at 24-hour internet coverage between the two of them!

Talk to us at HanseVision about your requirements and questions about Power Platform, M365 Governance, Copilot (Studio) and Agents Governance!