MC781588 – (Updated) Purview | Insider Risk Management: Exfiltration of business sensitive data to free public domain emails

cloudscout.one Icon

check before: 2024-05-03

Product:

Microsoft 365 suite, Purview Communication Compliance, Purview Insider Risk Management

Platform:

Web, World tenant

Status:

Launched

Change type:

Admin impact, New feature, Updated message

Links:

393334

Details:

Summary:
Microsoft Purview Insider Risk Management is introducing a feature to detect exfiltration of sensitive data to free public domain emails, with a public preview in mid-May 2024 and general availability in late June 2024. The update enhances email insight alerts and adds new domain detection for better security incident prevention.

Details:
Updated August 9, 2024: We have updated the content below with additional information. Thank you for your patience.
Coming soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails.

This message is associated with Microsoft 365 Roadmap ID 393334.
[When this will happen:]
Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.
General Availability: We will begin rolling out late June 2024 and expect to complete by early July 2024.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability, Preview

Created:
2024-04-20

updated:
2024-08-10

Public Preview Start Date

XXXXXXX ...

Task Type

XXXXXXX ...

Docu to Check

XXXXXXX ...

MS How does it affect me

XXXXXXX ...

MS Preperations

XXXXXXX ...

MS Urgency

XXXXXXX ...

MS workload name

XXXXXXX ...

linked item details

XXXXXXX ...

Pictures

XXXXXXX ...

Direct effects for Operations**

- Direct Impact on IT Operations
- Increased Monitoring Requirements
- IT administrators will need to enhance monitoring of email activities due to the new alerts for potential data exfiltration to free public domain emails.
- Roles impacted: IT Security Team, Compliance Officers
- Additional training may be required for IT staff to understand the new features and how to respond to alerts effectively.
- Roles impacted: IT Support Staff, System Administrators
- Potential for Increased Incidents
- The introduction of this feature may lead to an increase in false positives, causing unnecessary alerts and potential disruptions in IT operations.
- Roles impacted: IT Operations Managers, Incident Response Teams
- If not managed properly, the heightened alert system could overwhelm IT resources, leading to slower response times for genuine incidents.
- Roles impacted: IT Helpdesk, Security Analysts

- Direct Impact on IT Services
- Changes to Compliance and Governance Policies
- Organizations may need to revise their data governance policies to align with the new capabilities of the Purview Insider Risk Management tool.
- Roles impacted: Compliance Managers, Data Governance Officers
- The need for updated documentation and training materials to reflect the changes in compliance monitoring and reporting.
- Roles impacted: Documentation Specialists, Training Coordinators
- Integration with Existing Systems
- The new feature may require integration with other security tools and systems, potentially leading to compatibility issues.
- Roles impacted: IT Architects, Systems Integrators
- Dependencies on other Microsoft 365 services may affect the rollout, necessitating thorough testing to ensure seamless operation.
- Roles impacted: Application Support Teams, Quality Assurance Analysts

For further information, you can refer to the official Microsoft documentation and roadmap:
- [Microsoft 365 Roadmap](https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=393334)
- [Microsoft Purview Compliance Portal](https://purview.microsoft.com/compliance)

Data Protection**

XXXXXXX ...paid membership only

** AI generated content. This information is not reliable.

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.



change history

DatePropertyoldnew
2024-08-10MC MessagesComing soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails.
This message is associated with Microsoft 365 Roadmap ID 393334.
[When this will happen:]
Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.
General Availability: We will begin rolling out late June 2024 and expect to complete by early July 2024.
Updated August 9, 2024: We have updated the content below with additional information. Thank you for your patience.
Coming soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails.

This message is associated with Microsoft 365 Roadmap ID 393334.
[When this will happen:]
Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.
General Availability: We will begin rolling out late June 2024 and expect to complete by early July 2024.
2024-08-10MC TitleMicrosoft Purview | Insider Risk Management: Exfiltration of business sensitive data to free public domain emails(Updated) Purview | Insider Risk Management: Exfiltration of business sensitive data to free public domain emails
2024-08-10MC How AffectIn this rollout, we are enhancing the existing email insight alerts to provide additional information when business sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. The new domain detection group Free public domains will list common domains used for personal email accounts. Admins with appropriate permissions can also choose to select these domains in their email indicator variants.
Any email going to free public domains (including email sent to self) will be automatically highlighted in email insights.
Updated email insight:

Free public domains:

New column and filters for email activities
We are enhancing the existing email insight alerts to provide additional information when business sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. The new domain detection group "Free public domains" will list the common domains used for personal email accounts. Admins with appropriate permissions can choose to select these domains in their indicator variants.
You can also modify the "Free public domains" detection group. Administrators with the necessary permissions now have the flexibility to tailor the default domain list in the "Free public domains" by adding new domains or removing existing ones. Should there be a need to revert to the original domain list provided by Microsoft, the "Reset" function can be utilized. The maximum number of domains allowed per detection group remains capped at 200, and this includes the "Free public domains" group. Any changes made to this group will be taken into account when analyzing potential data exfiltration to personal email accounts.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
Any email going to free public domains (including email sent to self) will be automatically highlighted in email insights.
Updated email insight:

Free public domains:

New column and filters for email activities
2024-08-10MC Last Updated04/20/2024 00:00:302024-08-09T20:44:46Z
2024-08-10MC MessageTagNamesNew feature, Admin impactUpdated message, New feature, Admin impact

Last updated 1 month ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!