Skip to main content
🦉
Message CenterMicrosoft 365 Updates
HomePermissionsTenant FinderM365 ReportPortfolio
🦉
M365 Message Centerby Cengiz YILMAZ

Track the latest updates, features, and announcements for Microsoft 365 services. Comprehensive archive of service updates and important changes.

Quick Links

HomePermissionsTenant FinderM365 ReportPortfolio

Connect

© 2026 M365 Message Center. Created with ❤ by Cengiz YILMAZ

Data sourced from Microsoft 365 Message Center • Not affiliated with Microsoft

  1. Home
  2. /
  3. MC1262573

Microsoft Purview: Information Protection – Extended scoping capabilities for sensitivity label policies

Informational

Message ID

MC1262573
View in Admin Center

Roadmap ID

558685
View in Roadmap

Services

Microsoft 365 suite
Microsoft Purview

Affected Platforms

Web

Summary

Microsoft Purview Information Protection now allows admins to exclude modern Microsoft 365 groups and include dynamic and non-mail-enabled security groups in sensitivity label policies. Rollout begins late April 2026 with general availability by early June 2026. No user impact unless policies are updated.

Details

Updated April 20, 2026: We have updated the timeline. Thank you for your patience. 

Introduction

Purview Information Protection admins can now exclude modern Microsoft 365 groups and scope sensitivity label policies to dynamic and non-mail enabled security groups. These capabilities give admins more flexibility, expanding policy targeting beyond individual users and mail-enabled groups. 

This message is associated with Microsoft 365 Roadmap ID 558685.

When this will happen:

  • Public Preview: We will begin rolling out late April 2026 and expect to complete by mid-May 2026.
  • General Availability: We will begin rolling out late May 2026 (previously mid-June) and expect to complete by early June 2026 (previously late June).

How this affects your organization:

Who is affected:

  • Information Protection admins managing sensitivity label publishing policies

What will happen:

  • Admins can exclude modern Microsoft 365 groups from label publishing policies
  • Admins can include non-mail-enabled security groups, including dynamic security groups
  • Existing policies and configurations remain unchanged
  • No user impact unless admins update policy scope

What you can do to prepare:

  • No action is required
  • Optionally review and update label publishing policies to take advantage of expanded scoping

Learn more: Create and publish sensitivity labels | Microsoft Learn (will be updated before rollout)

Compliance considerations:

Compliance question Explanation
Does the change modify Information Protection labels or policy configuration capabilities? This update expands how sensitivity label publishing policies can be scoped by allowing admins to exclude modern Microsoft 365 groups and include non-mail-enabled security groups.
Does the change include an admin control and can it be controlled through Entra ID group membership? Admins can scope sensitivity label publishing policies using non-mail-enabled security groups, including dynamic security groups in Microsoft Entra ID.

Timeline

Published
Mar 26, 2026
Message published to Message Center
Updated
Apr 20, 2026
Message content updated
End Date
Jul 27, 2026
Message timeline ends

Tags

#Updated message#New feature#Admin impact

Category

Stay Informed

Related Messages

Similar updates

MC1234661

DLP policies will be able to block Copilot processing of sensitivity‑labeled files in all storage locations

Feb 19, 2026
MC1217640

Microsoft Purview | Information Protection - Content Explorer: Unscanned data and Classification History summary metrics

Jan 14, 2026
MC1217153

Microsoft Purview compliance portal: Information Protection – Email attachment preview in Activity Explorer

Jan 13, 2026
MC791114

Data Loss Prevention: Decoupling policy tips and email notifications for SharePoint and OneDrive

May 8, 2024
MC1279068

Microsoft Purview | Information Protection: Sensitivity label inheritance for Teams meeting artifacts

Apr 13, 2026