check before: 2025-10-01
Product:
Microsoft 365 Groups, Purview Communication Compliance, Purview compliance portal, Purview Information Protection, Purview Insider Risk Management
Platform:
US Instances, Web, World tenant
Status:
In development
Change type:
Links:
Details:
With this release, Insider Risk Management administrators can include or exclude specific users, groups, and adaptive scopes within policies. We are also adding support for non-mail enabled Security Groups within IRM policies. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Preview, General Availability
Created:
2025-03-11
updated:
2025-03-11
Public Preview Start Date
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Policy Misconfiguration
Without proper preparation, the new policy scoping enhancements may lead to misconfigured insider risk policies, resulting in either overexposure of sensitive data or insufficient monitoring of potential insider threats.
- roles: Insider Risk Management Administrators, Compliance Officers
- references: https://techcommunity.microsoft.com/t5/security-compliance-identity/microsoft-purview-compliance-center-insider-risk-management/ba-p/3741230
User Privacy Concerns
The implementation of new policies without adequate communication and training may raise user privacy concerns, leading to decreased trust in the organization's data handling practices and potential pushback from employees.
- roles: Human Resources, IT Security Teams
- references: https://www.microsoft.com/en-us/security/blog/2021/06/15/insider-risk-management-in-microsoft-365/
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 1 week ago
