check before: 2025-04-15
Product:
Microsoft 365 Groups, Purview Communication Compliance, Purview compliance portal, Purview Information Protection, Purview Insider Risk Management
Platform:
Online, US Instances, Web, World tenant
Status:
In development
Change type:
New feature, Admin impact
Links:
Details:
Microsoft Purview Insider Risk Management will be rolling out enhancements to user scoping features in Policies.
This message is associated with Microsoft 365 Roadmap ID 484081.
[When this will happen:]
Public Preview: We will begin rolling out on mid-April 2025 and expect to complete by late April 2025.
General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025.
General Availability (GCC, GCC High, DoD): We will begin rolling out in early October 2025 and expect to complete by early November 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-04-04
updated:
2025-04-04
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
Microsoft is enhancing its Purview Insider Risk Management tool by introducing user scoping features that allow administrators to include or exclude specific users, groups, and adaptive scopes in policies, and by adding support for non-email-based security groups, all while ensuring user privacy through pseudonymization and role-based access controls.
Direct effects for Operations**
User Scoping Features Enhancement
Without proper preparation, the enhancement may lead to misconfigured policies that either exclude critical users or include unnecessary ones, resulting in potential data breaches or insider threats going undetected.
- roles: Insider Risk Management Admin, Compliance Officer
- references: https://purview.microsoft.com/informationprotection/purviewmipoverview, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081
Policy Misconfiguration Risks
The introduction of non-email enabled Security Groups may cause confusion and mismanagement in policy application, leading to inconsistent enforcement of insider risk policies and potential compliance issues.
- roles: Insider Risk Management Admin, IT Security Manager
- references: https://purview.microsoft.com/informationprotection/purviewmipoverview, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=484081
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 1 month ago
