165996 – Microsoft Purview compliance portal: Insider Risk Management – Enhancements to app and risky browsing activity evidence (archived)

Product:

Purview Communication Compliance, Purview Insider Risk Management

Platform:

US Instances, Web, World tenant

Status:

Launched

Change type:

Feature update

Links:

Details:

This update provides two enhancements to app and risky browsing activities that may lead to a data security incident in forensic evidence. Admins with appropriate permissions will no longer need to enable browsing indicators from the insider risk settings page to gain visual insights of these activities. In addition, the feature has been updated with more precise detection when users switch between tabs and windows. This results in more reliable visual evidence insights when context is switched in the browser. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. Note: The roadmap item was inadvertently marked rolling out and has now been corrected. We apologize for any inconvenience this may have caused.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability

Created:
2023-08-23

updated:
2024-03-26

Docu to Check

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

Direct effects for Operations**

- Direct Impact on IT Operations
- Enhanced Monitoring Capabilities
- Improved detection of risky browsing activities may lead to increased data processing and storage requirements.
- Roles impacted: IT Operations Team, Data Analysts
- Reference: [Microsoft Purview Insider Risk Management](https://www.microsoft.com/en-us/security/business/insider-risk-management)
- Potential Increase in Incident Response Activities
- More precise detection may result in a higher volume of alerts, necessitating additional resources for monitoring and response.
- Roles impacted: Security Operations Center (SOC) Team, IT Security Analysts
- Reference: [Insider Risk Management Overview](https://techcommunity.microsoft.com/t5/security-compliance-identity/insider-risk-management-in-microsoft-365/ba-p/1921940)

- Direct Impact on IT Services
- Changes in User Experience
- Users may experience changes in how their browsing activities are monitored, potentially leading to confusion or concern about privacy.
- Roles impacted: End Users, Compliance Officers
- Reference: [Microsoft Compliance Center](https://www.microsoft.com/en-us/microsoft-365/compliance/microsoft-compliance-center)
- Dependency on Other IT Services
- The enhancements may require integration with existing security tools and services, which could lead to compatibility issues or require additional configuration.
- Roles impacted: IT Administrators, System Integrators
- Reference: [Microsoft Purview Integration](https://learn.microsoft.com/en-us/microsoft-365/compliance/purview-integration?view=o365-worldwide)

Data Protection**

XXXXXXX ... paid membership only