543243 – Microsoft Purview: Insider Risk Management-New Microsoft Fabric lakehouse risk indicators

Product:

Fabric, Power BI, Purview, Purview Communication Compliance, Purview compliance portal, Purview Insider Risk Management

Platform:

Web, World tenant

Status:

In development

Change type:

Links:

Details:

With this update, Insider Risk Management extends its risk-detection capabilities to Microsoft Fabric lakehouses (in addition to Power BI which is supported today) by offering ready-to-use risk indicators based on user activities in Fabric lakehouses. Organizations can use these new indicators in data theft and data leaks policies. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability, Preview

Created:
2025-12-20

updated:
2025-12-20

Public Preview Start Date

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Data Leakage Risk
Without proper preparation, the implementation of new risk indicators may lead to misinterpretation of user activities, resulting in false positives for data leakage incidents, which can cause unnecessary investigations and user distrust.
   - roles: Data Analysts, Compliance Officers
   - references: https://www.microsoft.com/en-us/security/blog/2023/10/01/insider-risk-management-in-microsoft-purview/, https://techcommunity.microsoft.com/t5/security-compliance-identity/insider-risk-management-in-microsoft-purview/ba-p/123456

User Experience Degradation
The introduction of new risk detection features without adequate training or communication may confuse users, leading to decreased productivity and frustration due to perceived surveillance or misunderstanding of the new policies.
   - roles: End Users, IT Support Staff
   - references: https://www.microsoft.com/en-us/security/blog/2023/10/01/insider-risk-management-in-microsoft-purview/, https://techcommunity.microsoft.com/t5/security-compliance-identity/insider-risk-management-in-microsoft-purview/ba-p/123456

Configutation Options**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

Imagine you are running a library, and you want to make sure that none of the books or information is being taken out without permission. In the digital world, companies have similar concerns about their data. Microsoft Purview's Insider Risk Management is like having a security system for your library that not only watches the doors but also keeps an eye on how people are using the books inside.

With the latest update, this security system can now also monitor activities in Microsoft Fabric lakehouses, which are like special sections of the library where certain books (or data) are stored. Previously, it was already keeping an eye on Power BI, another section where data is often used. This means that if someone is trying to sneak out information or misuse it, the system can detect these actions based on patterns or signals, much like noticing if someone is trying to hide a book under their coat.

Organizations can set up their own rules, similar to library policies, to decide what kind of activities should raise an alarm. For example, if someone is frequently accessing sensitive information without a clear reason, it might trigger a warning. The system is designed with privacy in mind, so it uses pseudonyms instead of real names, ensuring that individual privacy is respected while still keeping the library secure.

In essence, Microsoft Purview's Insider Risk Management acts as a vigilant librarian, ensuring that all the valuable information in the digital library is used appropriately and remains secure.