Microsoft has unveiled significant new data protection capabilities for its Edge for Business browser, specifically targeting the challenges posed by Bring Your Own Device (BYOD) environments and the growing integration of AI in daily workflows.
Announced on March 24, 2025, these enhancements aim to empower IT and security teams with more robust controls to safeguard sensitive organizational data in increasingly complex digital environments.
The tech giant is extending data security controls to personal or unmanaged devices and introducing inline discovery and protection for consumer AI applications.
.png
)
This development comes as organizations face more frequent and sophisticated cybersecurity threats while managing the security implications of flexible work arrangements.
“Cybersecurity threats have become more frequent and sophisticated, making it increasingly challenging for you to protect sensitive organizational data,” Microsoft stated in their announcement.
With AI now integrated into daily workflows, securing and ensuring compliant AI usage has become a priority for security professionals.
At the core of these enhancements is the powerful combination of Edge for Business, Microsoft Intune, and Microsoft Purview, which together create a comprehensive secure enterprise browser solution for BYOD scenarios.
Intune performs critical device health checks before granting access to corporate resources, ensuring only devices meeting specific security standards can access sensitive data.
Key Components of BYOD Security
- Intune Device Health Checks: Ensure that only devices meeting specific security standards can access corporate data.
- Purview Data Security Controls: Allow for nuanced, real-time, and context-aware data security policies that balance protection with productivity.
- App Protection Policies: Enforce all access to corporate resources through Edge for Business.
New Controls for Consumer AI Apps
The most notable new feature is the inline protection capability in Purview, which allows administrators to prevent users from submitting typed prompts containing sensitive data to consumer AI apps, starting with ChatGPT, DeepSeek, Google Gemini, and Microsoft Copilot.
This capability enables real-time monitoring and blocking of potential data leakage through AI applications.
“With Purview data security controls now extending to Edge for Business on personal and unmanaged devices, organizations can create nuanced, real-time, and context-aware data security policies that balance protection with productivity,” the company explained.
These policies allow for granular control over how corporate data is handled. For example, organizations can permit employees using personal devices to download non-sensitive information like benefits brochures while blocking the download of records containing personal contact information or social security numbers:
Implementation and Availability
For Windows devices, the solution supports applying policy to the Microsoft Edge browser on Windows 11 and Windows 10 version 20H2 and higher with KB5031445 installed.
The data security controls for unmanaged Windows and macOS devices will be available in public preview in the coming weeks and are included in Microsoft 365 E5, E5 Compliance, and E5 Information Protection & Governance licenses.
The announcement comes as Microsoft is also expanding its AI security posture with new detections for emerging AI threats.
Starting in May 2025, new AI detections for risks identified by OWASP, such as indirect prompt injection attacks and sensitive data exposure, will be generally available in Microsoft Defender.
These capabilities will help security operations center analysts better protect and defend custom-built AI applications.
Industry experts note that these enhancements are particularly timely. Organizations report a 57% increase in security incidents related to AI usage, while 60% have not yet implemented AI controls.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
