484082 – Microsoft Purview compliance portal: Collection policies impact on IRM

Product:

Purview, Purview Communication Compliance, Purview compliance portal, Purview Information Protection, Purview Insider Risk Management

Platform:

Web, World tenant

Status:

Launched

Change type:

Links:

MC1051100

Details:

With this update, Microsoft Purview will start supporting collection policies. Collection policies allow customers to scope classification (SITs - Sensitive Information Types) and activities for scoped users. We recommend reviewing collection policies as they can be created by different Purview solution admins to ensure they are setup to detect the activities required by IRM policies Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability, Preview

Created:
2025-03-11

updated:
2026-01-21

Public Preview Start Date

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Please, look at the most relevant linked item for details

explanation for non-techies**

Imagine your office is like a busy airport. Each employee is like a passenger, carrying different types of luggage. Some of this luggage might contain sensitive items, like important documents or personal belongings. In the IT world, these sensitive items are known as Sensitive Information Types (SITs), and it's crucial to ensure they are handled correctly to prevent any security breaches or data leaks.

Microsoft Purview is like the airport's security system, designed to monitor and manage how this sensitive information is handled within your organization. Recently, Purview has introduced something called "collection policies." Think of these policies as new security checkpoints that can be set up to specifically watch over certain passengers (or employees) and their luggage (or data activities).

These collection policies allow IT administrators to focus on particular types of sensitive information and specific activities of certain users. It's like having a dedicated security lane for frequent flyers who might carry more sensitive items, ensuring they are thoroughly checked without slowing down the entire airport.

For those managing insider risks, like HR or compliance officers, this means you can now have a more tailored approach to monitoring potential threats. Insider Risk Management (IRM) is like having undercover security personnel who watch for unusual behavior, such as someone trying to sneak out valuable company information. With these new collection policies, you can better identify and manage these risks by focusing on the most critical areas.

Moreover, privacy is a top priority. Just like how passengers are screened without revealing their identities to everyone, Microsoft Purview ensures that users' identities are protected through pseudonymization. This means that while activities are monitored, personal details are kept private, much like how an airport security system would keep passenger details confidential.

In summary, the introduction of collection policies in Microsoft Purview allows for more precise monitoring of sensitive information and user activities, enhancing the ability to manage insider risks while maintaining user privacy. This is akin to improving airport security measures to ensure safety without compromising passenger privacy.