check before: 2025-04-15
Product:
Microsoft 365 Groups, Purview, Purview Communication Compliance, Purview compliance portal, Purview Information Protection, Purview Insider Risk Management
Platform:
Online, US Instances, Web, World tenant
Status:
Launched
Change type:
Admin impact, New feature, Updated message
Links:
Details:
Summary:
Microsoft Purview Insider Risk Management will enhance user scoping in policies, allowing admins to include/exclude specific users, groups, and adaptive scopes, including non-email enabled Security Groups. Rollout begins mid-April 2025, with general availability worldwide by July 2025 and in government clouds by January 2026.
Details:
Updated: We have updated the timeline for gov clouds. Thank you for your patience.
Microsoft Purview Insider Risk Management will be rolling out enhancements to user scoping features in Policies.
This message is associated with Microsoft 365 Roadmap ID 484081.
[When this will happen:]
Public Preview: We will begin rolling out on mid-April 2025 and expect to complete by late April 2025.
General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025.
General Availability (GCC, GCC High, DoD): We will begin rolling out in early October 2025 and expect to complete by late January 2026 (previously early November 2025).
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-04-04
updated:
2025-10-27
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is updating its Purview Insider Risk Management tool to allow administrators to include or exclude specific users or groups, including non-email enabled Security Groups, in risk management policies, enhancing precision in monitoring insider threats.
Direct effects for Operations**
User Scoping Errors
Without proper preparation, the new user scoping features may lead to incorrect inclusion or exclusion of users in Insider Risk Management policies, resulting in potential oversight of insider threats or unnecessary monitoring of non-risk users.
- roles: Insider Risk Management Admin, Compliance Officer
- references: https://purview.microsoft.com/informationprotection/purviewmipoverview, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081
Increased False Positives
The lack of preparation for the new features may cause an increase in false positives in risk alerts, overwhelming the compliance team and leading to alert fatigue, which can diminish the effectiveness of the Insider Risk Management program.
- roles: Compliance Officer, Security Analyst
- references: https://purview.microsoft.com/informationprotection/purviewmipoverview, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-10-27 | MC prepare | Insider Risk Managment admins with appropriate permissions can select combinations of users, groups, and adaptive scopes to include or exclude from Insider Risk Management policies in the Microsoft Purview portal. Insider Risk Management admins can also choose non-email enabled Security Groups in the Users & Groups step of Insider Risk Management policies.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. https://purview.microsoft.com/informationprotection/purviewmipoverview https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081 | Insider Risk Management admins with appropriate permissions can select combinations of users, groups, and adaptive scopes to include or exclude from Insider Risk Management policies in the Microsoft Purview portal. Insider Risk Management admins can also choose non-email enabled Security Groups in the Users & Groups step of Insider Risk Management policies.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. https://purview.microsoft.com/informationprotection/purviewmipoverview https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081 |
| 2025-10-27 | MC MessageTagNames | New feature, Admin impact | Updated message, New feature, Admin impact |
| 2025-10-27 | MC Summary | Microsoft Purview Insider Risk Management will enhance user scoping in policies, allowing admins to include/exclude specific users, groups, and adaptive scopes, including non-email enabled Security Groups. Rollout begins mid-April 2025, with general availability worldwide by July 2025 and in government clouds by January 2026. | |
| 2025-10-27 | MC Last Updated | 04/04/2025 04:57:17 | 2025-10-27T18:24:05Z |
| 2025-10-27 | MC Messages | Microsoft Purview Insider Risk Management will be rolling out enhancements to user scoping features in Policies.
This message is associated with Microsoft 365 Roadmap ID 484081. [When this will happen:] Public Preview: We will begin rolling out on mid-April 2025 and expect to complete by late April 2025. General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025. General Availability (GCC, GCC High, DoD): We will begin rolling out in early October 2025 and expect to complete by early November 2025. | Updated: We have updated the timeline for gov clouds. Thank you for your patience.
Microsoft Purview Insider Risk Management will be rolling out enhancements to user scoping features in Policies. This message is associated with Microsoft 365 Roadmap ID 484081. [When this will happen:] Public Preview: We will begin rolling out on mid-April 2025 and expect to complete by late April 2025. General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025. General Availability (GCC, GCC High, DoD): We will begin rolling out in early October 2025 and expect to complete by late January 2026 (previously early November 2025). |
| 2025-10-27 | MC Title | Microsoft Purview compliance center: Insider Risk Management - Enhancements to user scoping features in Policies | (Update)Microsoft Purview compliance center: Insider Risk Management - Enhancements to user scoping features in Policies |
| 2025-10-27 | MC End Time | 12/29/2025 09:00:00 | 2026-02-27T09:00:00Z |
Last updated 2 weeks ago ago
