The old experience: When an admin found sensitive or overshared content during an investigation in Data Security Investigations (DSI), there were only 2 mitigation options: hard delete the item or leave it exposed while deciding what to do next.
The problem with that: Permanent deletion during an active investigation is a high-stakes call. We were caught between two bad choices: act fast and lose recoverability, or move slowly and leave sensitive data sitting exposed.
Neither feels right when you’re in the middle of a breach or insider risk scenario!
What’s new: Microsoft has now introduced Soft Purge as a mitigation action inside DSI. A smarter way to act fast without losing control. We can delete the item from active exposure, but it stays recoverable until its deleted item retention period expires. Best of both worlds.
- Act immediately on overshared or sensitive data
- Retain recoverability for legal or audit needs
- Stay aligned with existing DLP, labeling, and retention policies
- No setup required, available by default
Soft purge removes the pressure entirely. This will be available from early April 2026. If you manage DSI, go check your mitigation options now.