*For this entry exists the more relevant or more recent entry MC1147381
check before: 2025-12-01
Product:
Purview, Purview Communication Compliance, Purview compliance portal, Purview Insider Risk Management
Platform:
US Instances, Web, World tenant
Status:
Launched
Change type:
Links:
Details:
In this update, we are adding the recently added email indicators in Insider Risk Management as triggers. 1. Sending email with attachments to free public domains - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident. Admins with appropriate permissions can enable these indicators from the settings page and use these triggers in the data leaks or data leaks by priority users template.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-08-09
updated:
2026-01-21
Public Preview Start Date
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Please, look at the most relevant linked item for details
explanation for non-techies**
Microsoft has introduced new features in its Purview compliance portal, specifically within the Insider Risk Management tool. These updates focus on identifying potential data security risks related to email usage. Imagine your work email as a secure vault where business-sensitive information is stored. Now, consider what happens if someone tries to move valuable items from this vault to a less secure location. This is similar to what happens when sensitive data is sent from a work email to a personal or public email account.
The first update acts like a security camera that alerts you when someone tries to send an email with attachments to a free public domain, like Gmail or Yahoo. This is important because these domains are not controlled by your organization, making it easier for sensitive information to be leaked or accessed by unauthorized individuals.
The second update is like having a motion sensor that triggers an alert when someone sends an email with attachments to their own personal email account. This is akin to someone taking a document from the office and putting it in their personal briefcase. While it might be for legitimate reasons, it could also pose a risk if the information is not handled securely.
Admins, much like security officers, can set up these alerts to monitor and manage these potential risks. They can adjust the settings to determine what actions should be taken if such activities are detected. This helps in preventing data leaks and ensuring that sensitive information remains within the secure boundaries of the organization.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2026-01-21 | RM Product Tags | Microsoft Purview compliance portal | Microsoft Purview |
| 2025-11-19 | RM Release | December CY2025 | November CY2025 |
| 2025-11-19 | RM Status | In development | Launched |
| 2025-09-10 | RM Release | September CY2025 | December CY2025 |
Last updated 4 weeks ago ago
