check before: 2025-03-01
Product:
Purview Communication Compliance, Purview Information Protection, Purview Insider Risk Management
Platform:
US Instances, Web, World tenant
Status:
In development
Change type:
Links:
Details:
This introduces the ability to exclude users and groups from IRM policies. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2024-09-06
updated:
2024-09-06
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
explanation for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
User Exclusion from Insider Risk Policies
Excluding users from Insider Risk Management policies without proper preparation may lead to undetected insider threats, such as data leakage or IP theft, as the system will not monitor these users for potential risks.
- roles: Compliance Officer, IT Security Manager
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/insider-risk-management-in-microsoft-purview/ba-p/3651230, https://www.microsoft.com/en-us/security/blog/2021/09/29/insider-risk-management-in-microsoft-purview/
" target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2021/09/29/insider-risk-management-in-microsoft-purview/
Impact on Compliance and Governance
Changes to exclusion policies without adequate planning can result in non-compliance with internal governance standards, leading to potential legal ramifications and loss of trust from stakeholders.
- roles: Compliance Officer, Legal Advisor
- references: https://www.microsoft.com/en-us/security/blog/2021/09/29/insider-risk-management-in-microsoft-purview/, https://www.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management
Configutation Options**
Exclude Users from Insider Risk Policies
You can exclude specific users or groups from being monitored by Insider Risk Management policies to tailor the compliance approach to your organization's needs.
- technical instructions: 1. Go to the Microsoft Purview compliance portal. 2. Navigate to 'Insider risk management'. 3. Select 'Policies' and choose the policy you want to edit. 4. Under 'User exclusions', add the users or groups you want to exclude. 5. Save your changes.
- references: https://learn.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwideexclude-users-from-insider-risk-policies
Configure Insider Risk Management Policies
You can configure various settings within Insider Risk Management policies to manage how risks are detected and reported.
- technical instructions: 1. Access the Microsoft Purview compliance portal. 2. Go to 'Insider risk management'. 3. Click on 'Policies' and select 'Create policy' or edit an existing one. 4. Define the policy settings, including thresholds and triggers for alerts. 5. Review and save the policy.
- references: https://learn.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-policies?view=o365-worldwide
IT Security**
XXXXXXX ... paid membership only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.