Knowledge base
March 15, 2025
Sensitive Information Types: Ready for NIS2?
More and more companies are taking data governance seriously, and for good reason. With the upcoming NIS2 directive in the Netherlands, companies are required to have their information security in orderΒΉ. And beware: soon there will be real fines for non-compliance! π¨
Microsoft Purview provides powerful tools to identify and protect sensitive data. A critical part of these are Sensitive Information Types, or Sensitive Information Types (SITs). But how do they work and why are they essential for your organization?
π§ What are Sensitive Information Types (SITs)?
A Sensitive Information Type or Sensitive Information Type (SIT) in Microsoft Purview helps you automatically detect sensitive data, such as:
β
Personally identifiable information (PII).
β
Payment card information (e.g., credit card numbers)
β
Confidential business information (such as contracts or patents)
β
Medical or financial data
Using machine learning, pattern recognition and keywords, Microsoft Purview can find sensitive data in emails, SharePoint documents, OneDrive and more.
π What Sensitive Information Types are there?
Microsoft Purview offers standard and custom SITs.
πΉ Standard Sensitive Information Types
With more than 300 off-the-shelf SITs, Microsoft Purview helps you with compliance with AVG and NIS2, among others. Some examples:
πΉ Credit Card Number β Recognizes credit card numbers used worldwide.
πΉ U.S. Social Security Number (SSN) β Detects U.S. citizen service numbers
πΉ IBAN (International Bank Account Number) β Recognizes bank account numbers
πΉ AVG data β Recognizes passport numbers, email addresses and phone numbers
πΉ Custom Sensitive Information Types
Want to protect specific company information? Then create your own SIT:
πΈ Specific customer data or internal IDs
πΈ Unique keywords or patterns (such as project codes)
πΈ Regular expressions to recognize data patterns
π How to Use Sensitive Information Types.
SITs are used in various Microsoft security solutions, such as:
πΉ Data Loss Prevention (DLP) β Prevents sensitive information from being shared
πΉ Microsoft Defender for Cloud Apps β Prevents sensitive data from ending up in unauthorized apps
πΉ Microsoft Information Protection (MIP) β Labels and encrypts documents
πΉ Insider Risk Management β Detects suspicious internal behavior
π― Why are SITs Important for NIS2?
With the introduction of NIS2 in the Netherlands, companies are required to take cybersecurity measures and protect sensitive data. Without proper data governance, you risk high fines!
β
Automatic protection of sensitive data
β
Compliance with NIS2, AVG and other regulations
β
Prevention of data breaches and reputational damage
β
Efficiency β less manual management required
β οΈ Is Your Organization Ready for NIS2?
As of Q3 2025, NIS2 will officially go into effect in the Netherlands. This means that companies must comply with strict cybersecurity requirements. Are you ready? π€
Want to make sure your organization is compliant and avoid fines? π
π Get in touch with ALTA-ICT! We help companies with:
βοΈ NIS2 compliance audits
βοΈ Modern Workspaces NIS2 compliant
βοΈ Microsoft Purview and DLP implementations
βοΈ Security awareness trainings
βοΈ Automation of data governance
π Avoid risk and take the first step toward compliance now! π
π¬ Schedule a no-obligation consultation with our experts! π‘οΈ
References:
ΒΉhttps://alta-ict.nl/blog/wat-gaat-de-nis2-richtlijn-betekenen-voor-jouw-organisatie/
About the author
My name is Alta Martes, a specialist in Microsoft 365 and Google Workspace, with a focus on modern workplace management, cloud security and identity & access management. With years of experience, I help organizations optimize their IT infrastructure and create a secure, efficient digital workplace.
π― Need help with your Microsoft 365 strategy?
Click below and find out how we can support your organization:
Want to know more?
Related
blogs
Tech Updates: Microsoft 365, Azure, Cybersecurity & AI β Wekelijks in je Mailbox.