Microsoft Purview · DSPM (Classic)

Data Security Viewer

Read-only access to DSPM dashboard insights, analytics, and Security Copilot for viewing data security posture without policy modification or investigation.

Scope: Read-only DSPM dashboard, analytics, and Security Copilot access for oversight and reporting

Permissions

  • View Data Security Posture Management (DSPM) dashboard insights and reports
  • Use Microsoft Security Copilot for Security to view detailed DSPM information and AI-powered analysis
  • Access DSPM analytics trends showing sensitivity label usage and DLP policy coverage
  • View data security recommendations (cannot create policies)
  • Review unprotected sensitive assets reports and risk visualization
  • Monitor risky user behavior trends and data movement patterns
  • Access DSPM reports on data security posture over time
  • View top data security risks and vulnerabilities across organization
  • Use Security Copilot promptbooks for read-only investigation and risk identification
  • Review sensitivity label application coverage and classification effectiveness
  • View DLP policy effectiveness metrics and gap analysis
  • Monitor Insider Risk Management alert volumes and trends
  • Access aggregate analytics without individual user investigation access

Common use cases

  • Executive leadership monitoring overall data security posture for board reporting
  • Security managers generating compliance metrics and trend reports for leadership
  • Audit committee members reviewing data protection program effectiveness
  • External auditors assessing DSPM implementation and coverage during compliance reviews
  • Risk management teams monitoring organizational data security risk exposure
  • Compliance reporting specialists creating regulatory compliance documentation
  • Business unit leaders tracking data security metrics for their departments
  • Security consultants reviewing DSPM configuration and recommendations
  • Privacy officers monitoring data protection trends and unprotected asset reduction
  • Program managers tracking data security initiative progress and ROI
  • SOC analysts using Security Copilot for read-only threat intelligence without investigation
  • Internal auditors verifying data security controls and policy coverage
  • Management dashboards displaying real-time data security posture to stakeholders

Best practices

  • Use for executive dashboards and governance reporting to leadership and board
  • Generate regular DSPM reports showing data security posture improvement trends
  • Use Security Copilot to explore top data security risks and recommended actions
  • Monitor unprotected sensitive assets trends to measure policy effectiveness
  • Track sensitivity label usage and DLP policy coverage metrics for maturity assessment
  • Review risky user behavior trends to identify training needs or process gaps
  • Export DSPM analytics for custom Power BI dashboards and executive presentations
  • Share aggregate data security metrics while protecting individual user privacy
  • Benchmark DSPM metrics against industry standards and best practices
  • Coordinate with Data Security Management role holders to recommend improvements
  • Use DSPM reports for quarterly compliance board updates and audit documentation
  • Monitor DSPM recommendation trends to understand evolving organizational risk patterns
  • Leverage Security Copilot promptbooks to quickly understand complex data security issues
  • Track data security posture changes over time to demonstrate program value and ROI

Security considerations

  • Cannot create policies, investigate users, or access Content Explorer - minimal privacy risk
  • Read-only access to aggregate data and trends only - safe for broad executive access
  • Security Copilot access provides AI-powered insights without investigation capabilities
  • Lowest risk DSPM role - appropriate for external auditors and oversight functions
  • Cannot view individual user activities or file content - maintains privacy boundaries
  • DSPM dashboard may reveal organizational data security gaps and vulnerabilities
  • Recommendation visibility shows potential policy weaknesses - protect from unauthorized disclosure
  • Analytics trends may indirectly indicate business-sensitive activities or risk areas
  • Security Copilot responses based on DSPM data - ensure appropriate use of AI insights
  • Export capabilities should be monitored - reports may contain strategic security information
  • Administrative units restrictions may limit DSPM visibility - verify permissions

Official Microsoft Learn documentation →

Open the interactive RBACMap →