Have you heard about Microsoft’s new Claude Enterprise connector for Purview.
At a high level, enterprise AI connectors are designed to collect and govern activity occurring within enterprise AI platforms. Depending on the platform and integration, that can include information such as user activity, utilization, prompts, responses, uploaded content, administrative actions, and other telemetry generated as employees interact with AI services.
Capturing that information can be extremely valuable. It provides organizations with visibility into how AI is being used, what platforms are being adopted, and how those interactions align with company policies and compliance requirements. When that data is brought into a centralized platform with a common schema, investigation tools, dashboards, and reporting capabilities, it becomes much easier to understand AI usage across the organization rather than treating each AI platform as its own isolated data source.
Here is an excellent 10-min video intro: AI and Agent Data Security Controls in Microsoft Purview – YouTube
Enterprise AI Is Becoming the Standard
Most major AI providers now offer enterprise versions of their services.
Examples include:
- Claude Enterprise
- ChatGPT Enterprise
- Gemini Enterprise
- Microsoft 365 Copilot
- Azure AI Foundry agents and enterprise AI applications
These platforms are designed specifically for business use. Organizations can integrate them with corporate identity providers, enforce single sign-on, manage access through employee accounts, and benefit from enterprise privacy commitments and administrative controls.
In many organizations, these are exactly the services employees should be using when interacting with sensitive business information.
A developer reviewing source code, a consultant working with internal documentation, or a security analyst analyzing security data is generally better served using an approved enterprise AI platform than a personal account tied to a consumer AI service.
That distinction becomes important when discussing governance.
Public vs. Enterprise AI Governance
When most people think about AI security, they immediately think about data loss prevention:
- An employee copies sensitive company information into a personal ChatGPT account.
- An employee uploads intellectual property into a public AI service.
- An employee uses an unapproved AI application from a corporate device.
Microsoft already provides several technologies that help organizations monitor and govern those scenarios. Defender for Endpoint, Defender for Cloud Apps, and Purview can identify interactions with AI applications, classify the information being shared, and in some cases audit, alert on, or block the activity.
Enterprise AI platforms are different.
Services such as Claude Enterprise, ChatGPT Enterprise, Microsoft 365 Copilot, and Azure AI Foundry are specifically designed to support business use cases involving private company information. In many cases, these are the platforms organizations want employees to use.
That doesn’t mean governance becomes unnecessary. It simply means the questions change.
Instead of asking:
“Are my employees leaking data to an untrusted AI?”
Organizations begin asking:
“How are employees using AI, and does that usage align with company policies, regulatory requirements, and business expectations?”
What Do These Connectors Collect?
Microsoft supports OpenAI and Claude enterprise connectors fo Purview. The number of supported enterprise services will certainly grow in time.
One of the first questions I had was what data was actually being collected.
Depending on the platform and integration, the available telemetry may include:
- User identity
- AI application identity
- Activity records
- Administrative actions
- Uploaded files
- Conversation metadata
- Prompt content
- Response content
- Agent and application interactions
The exact set of available data varies by platform and connector.
One thing worth keeping in mind is that the Claude Enterprise connector is still very new. The underlying APIs appear capable of providing a rich set of telemetry, including conversation-level activity. As Microsoft continues building out the integration, I wouldn’t be surprised to see additional reporting, investigation, and governance capabilities appear over time.
Regardless of the specific data being surfaced today, it is clear that Microsoft is thinking beyond simple audit events and toward a broader governance model for enterprise AI.
Why Purview Instead of Sentinel?
Why Purview?
There is nothing preventing organizations from collecting this data directly from Claude Enterprise, ChatGPT Enterprise, or other enterprise AI platforms and sending it to Log Analytics, Databricks, object storage, or another analytics platform through custom integrations.
What makes Purview interesting is that Microsoft already has a governance framework built around AI activity. Microsoft 365 Copilot monitoring, investigations, reporting, Activity Explorer, user-centric views, and related governance capabilities already exist within the platform. Extending that same framework to other enterprise AI services such as Claude Enterprise and ChatGPT Enterprise feels like a natural evolution.
Purview also provides a level of normalization that would otherwise require significant effort to build. As organizations adopt multiple AI platforms, each service exposes different APIs, schemas, and administrative experiences. Purview provides a centralized location to investigate AI activity regardless of which platform generated it.
It’s also worth noting that while there are currently no native Sentinel connectors for Claude Enterprise or ChatGPT Enterprise activity, there are existing integrations that allow organizations to bring Purview data into Sentinel if needed. Organizations are not necessarily forced to choose between the two platforms.
That doesn’t eliminate a potential role for Sentinel. Some organizations may still choose to archive or correlate portions of this data alongside their broader security telemetry. However, for governance, investigations, reporting, and day-to-day visibility, Purview appears to be the more natural destination.
What Can Organizations Do With The Data?
Once the data is collected, Purview provides a common set of tools for investigating and governing AI activity across supported platforms.
Organizations can:
- Review AI adoption and usage trends
- Investigate user activity
- Search AI interactions
- Analyze uploaded content
- Identify potential sensitive data exposure
- Support compliance investigations
- Support audit requirements
- Apply retention policies
- Generate governance and executive reporting
What stood out to me is that these capabilities are presented through a common experience rather than requiring administrators to learn the tooling, APIs, and investigation workflows of each individual AI provider. As organizations adopt multiple AI platforms, that centralized approach becomes increasingly valuable.
What About Cost?
Organizations evaluating these capabilities should also consider cost.
Microsoft’s own AI services, such as Microsoft 365 Copilot, already participate in the broader Purview governance ecosystem. The enterprise connectors for services such as Claude Enterprise and ChatGPT Enterprise appear to introduce additional Purview pay-as-you-go costs.
I haven’t attempted to estimate those costs, but they should be evaluated as part of any implementation effort. That said, you generally get what you pay for. Any solution that collects, stores, retains, classifies, analyzes, and presents large amounts of data is going to incur costs somewhere. Whether that cost comes in the form of licensing, storage, compute, retention, custom development, or ongoing operational support, there is always a total cost of ownership to consider.
The more important question is where you get the most value. There is significant value in a solution that is easy to deploy, easy to maintain, provides a common schema across multiple AI platforms, and delivers useful dashboards, investigations, reporting, and governance capabilities without requiring substantial custom development.
Looking Ahead
The Claude Enterprise connector is still very new, and I suspect we’re only seeing the beginning of where Microsoft is heading with AI governance.
Today the focus is largely on understanding how users interact with AI services. As organizations begin deploying more agents, automations, and AI-driven workflows, the conversation will likely expand beyond user activity alone.
Looking at both the Claude Enterprise and ChatGPT Enterprise integrations, it is easy to imagine these connectors evolving over time as Microsoft expands dashboarding, reporting, search capabilities, and the breadth of telemetry being surfaced through Purview. The underlying enterprise APIs appear capable of exposing a rich set of information, and I suspect the governance experience will continue to mature alongside them.
I also find myself wondering how services such as Agent 365 may eventually fit into this picture. Today the focus is primarily on understanding user interactions with AI. Tomorrow organizations may need visibility not only into what users are doing, but also what their agents are doing on their behalf.
While I haven’t seen documentation suggesting this is happening today, it seems entirely feasible that telemetry collected from enterprise AI platforms such as Claude Enterprise and ChatGPT Enterprise could eventually contribute to broader agent identification, tracking, and governance scenarios. As organizations adopt more autonomous and semi-autonomous AI solutions, understanding the relationship between users, agents, and AI activity may become just as important as understanding the activity itself.
For now, the most interesting takeaway is that Microsoft appears to be building the foundation for that future rather than simply collecting another set of logs.