check before: 2024-07-01
Product:
Entra, Microsoft 365 Apps, Purview Communication Compliance, Purview Insider Risk Management
Platform:
US Instances, Web, World tenant
Status:
Launched
Change type:
New feature, Admin impact
Details:
Summary:
Microsoft Entra's Insider Risk condition in Conditional Access is now generally available. Organizations with an Entra ID P2 license can set up Conditional Access policies using insider risk signals from Adaptive Protection to enforce actions based on user risk levels. The rollout begins in early July 2024 and completes by early August 2024. Organizations must enable Adaptive Protection and obtain an Entra ID P2 license to use this feature.
Details:
As communicated in MC802699 Microsoft Purview | Insider Risk Management: Adaptive Protection + Conditional Access will be GA (June 17, 2024), Microsoft Entra ID Conditional Access integrated with Adaptive Protection-a powerful capability in Microsoft Purview-is coming soon to General Availability. The integration will allow organizations to set up Conditional Access policies that will utilize insider risk signals from Adaptive Protection to enforce actions, like blocks, on users with insider risk levels. For example, a Conditional Access policy with the Insider Risk condition can block elevated risk users from all Microsoft 365 applications while allowing minor risk users to continue to access company resources.
Organizations will need an Entra ID P2 license to use Conditional Access policies integrated with Adaptive Protection.
This message is associated with Microsoft 365 Roadmap ID 388737.
[When this will happen:]
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early July 2024 and expect to complete by early August 2024.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability
Created:
2024-07-02
updated:
2024-08-10
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
Direct effects for Operations**
Access Restrictions for Elevated Risk Users
Users identified as having elevated insider risk levels may be blocked from accessing Microsoft 365 applications, potentially disrupting their workflow and productivity.
- roles: End Users, IT Administrators
- references: https://learn.microsoft.com/entra/identity/conditional-access/how-to-policy-insider-risk, https://www.microsoft.com/security/business/microsoft-entra-pricing
Need for Entra ID P2 License
Organizations without an Entra ID P2 license will be unable to utilize the new Conditional Access policies, leading to a lack of necessary security measures and potential vulnerabilities.
- roles: Compliance Officers, IT Administrators
- references: https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=388737, https://techcommunity.microsoft.com/t5/security-compliance-and-identity/the-dynamic-duo-for-your-data-security-adaptive-protection/ba-p/4079264
Default Policy Changes
The default Insider Risk Conditional Access policy will change to block elevated risk users from all Microsoft 365 applications, which may lead to unexpected access issues for users previously allowed access.
- roles: End Users, IT Support Staff
- references: https://learn.microsoft.com/purview/insider-risk-management-adaptive-protection?tabs=purview-portal, https://www.microsoft.com/security/business/microsoft-entra-pricing
Configutation Options**
XXXXXXX ... free basic plan only
Opportunities**
XXXXXXX ... free basic plan only
Potentional Risks**
XXXXXXX ... free basic plan only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
Hypothetical Work Council Statement**
XXXXXXX ... paid membership only
DPIA**
XXXXXXX ... paid membership only
** AI generated content. This information is not reliable.
the free basic plan is required to see all details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 months ago