Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
To protect and handle content properly, start by categorizing and labeling it. Microsoft Purview offers three ways to classify content: manually, with automated pattern-matching, and by using trainable classifiers.
Manually
Manually categorizing your content requires human judgment and action. Users and admins categorize content as they encounter it. You can use either the pre-existing labels and sensitive information types or you can use ones that you create yourself. You can then protect the content and manage its disposition.
Automated pattern-matching
These categorization mechanisms include finding content by using:
- Keyword or metadata values (keyword query language)
- Previously identified patterns of sensitive information like social security, credit card, or bank account numbers (Sensitive information type entity definitions)
- Document fingerprinting: recognizing an item because it's a variation on a template
- The presence of exact strings exact data match
You can then automatically apply sensitivity labels and retention policies and retention labels to make the content available for use Microsoft Purview.
Trainable classifiers
A Microsoft Purview trainable classifiers is a tool you can train to recognize various types of content by giving it samples to evaluate. Once trained, you can use it to identify items for use in Microsoft Purview solutions, such as Office sensitivity labels, Communications compliance policies, and retention label policies.
- trainable classifiers
- sensitive information types
- exact data match based sensitive information types
- data explorer
- content explorer (classic)
- activity explorer
You can find the classifiers in the Microsoft Purview portal > Information Protection > Classifiers page. You can find the explorers in the Microsoft Purview portal > Information Protection > Explorers page.
Data classification scans your sensitive content and labeled content before you create any policies. This is called zero change management. This lets you see the impact that all the retention and sensitivity labels are having in your environment and empower you to start assessing your protection and governance policy needs.
Prerequisites
Permissions
To access the data classification page, assign an account to any one of these roles or role groups.
Microsoft 365 role groups
- Global administrator
- Compliance administrator
- Security administrator
- Compliance data administrator
Note
As a best practice, always use the role with least privilege to grant access to Microsoft 365 data classification.
Roles and role groups
You can use roles and role groups to fine tune your access controls.
Here's a list of applicable roles. To learn more about them, see Permissions in the Microsoft Purview portal.
- Information Protection Admin
- Information Protection Analyst
- Information Protection Investigator
- Information Protection Reader
Here's a list of applicable role groups. To learn more about them, see Permissions in the Microsoft Purview portal.
- Information Protection
- Information Protection Admins
- Information Protection Analysts
- Information Protection Investigators
- Information Protection Readers
See also
- View label activity
- View labeled content
- Learn about sensitivity labels
- Learn about retention policies and retention labels
- Learn about sensitive information types
- Sensitive information type entity definitions
- Learn about trainable classifiers (preview)
To learn how to use data classification to comply with data privacy regulations, see Deploy information protection for data privacy regulations with Microsoft 365 (aka.ms/m365dataprivacy).