check before: 2025-08-01
Product:
Entra, Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection, Purview Insider Risk Management
Platform:
Online, Web, World tenant
Status:
In development
Change type:
New feature, Admin impact
Links:
Details:
Summary:
Microsoft Purview Insider Risk Management will allow selecting multiple DLP policies as triggering events, enhancing flexibility and risk detection. Public preview starts late August 2025; general availability in December 2025. No action required, but admins can improve policy customization and compliance monitoring.
Details:
Introduction:
Microsoft Purview Insider Risk Management is enhancing policy configuration by enabling the selection of multiple Data Loss Prevention (DLP) policies as triggering events. Previously, only one DLP policy could be selected per Insider Risk Management policy. This update provides greater flexibility and alignment with complex organizational risk scenarios.
This message is associated with Microsoft 365 Roadmap ID 493756
When this will happen:
Public Preview: Rollout will begin in late August 2025 and is expected to complete by mid-September 2025.
General Availability (Commercial and Government Clouds): Rollout will begin in early December 2025 and is expected to complete by late December 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-08-28
updated:
2025-08-28
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Increased Complexity in Policy Management
The introduction of multiple DLP policies as triggering events may lead to increased complexity in policy management, potentially causing confusion among admins and leading to misconfigurations.
- roles: IT Admin, Compliance Officer
- references: https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters%3D&searchterms=493756
Potential for Increased False Positives
With multiple DLP policies triggering events, there is a risk of generating more false positives, which could overwhelm the compliance team and lead to alert fatigue.
- roles: Compliance Officer, Security Analyst
- references: https://www.microsoft.com/microsoft-365/roadmap?rtc=1%26filters%3D&searchterms=493756
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
Imagine you're a security guard at a large office building. Your job is to ensure that no unauthorized items or individuals enter the premises. Previously, you could only focus on one entry point at a time, which made it challenging to monitor everything effectively. Now, imagine if you could simultaneously watch multiple entry points, each with its own set of rules and triggers for what to look out for. This would make your job much easier and more efficient, allowing you to catch potential issues more quickly and accurately.
This is similar to what Microsoft Purview Insider Risk Management is doing with its new update. Before, admins could only set one Data Loss Prevention (DLP) policy as a trigger for identifying potential insider risks, like data leaks or security breaches. With the new change, they can now select multiple DLP policies as triggers. This means they can monitor a broader range of potential risks and scenarios, much like the security guard watching multiple entry points.
For managers and HR staff, this update means that the IT team can better customize and monitor compliance policies without needing to overhaul existing systems. It allows for more nuanced and comprehensive risk detection, aligning better with the complex needs of modern organizations. The update is designed to be flexible and doesn't require any immediate action from the organization, but it offers an opportunity to review and possibly enhance current risk management strategies.
In essence, this change is about giving organizations more tools to keep their data safe, much like providing a security guard with better equipment to protect a building. It's about improving the ability to detect and respond to potential risks, ensuring that sensitive information remains secure.
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
