check before: 2025-03-01
Product:
Purview Communication Compliance, Purview Data Loss Prevention, Purview Information Protection, Purview Insider Risk Management
Platform:
Online, US Instances, Web, World tenant
Status:
In development
Change type:
New feature, Admin impact
Links:
Details:
Coming soon to Microsoft Purview Insider Risk Management (IRM) admins will be able to select Data Loss Prevention (DLP) alerts as indicators in IRM policies. After this rollout, IRM admins can select DLP policies that they would like to bring into IRM and detect if a user has alerts for the pre-selected DLP policies. When an IRM alert is generated, admin and analysts can see if there are any high-risk alerts for this user within DLP for the policies that are enabled as indicators. This feature will help admins and analysts view this information in IRM without switching to DLP.
This message is associated with Microsoft 365 Roadmap ID 475057.
[When this will happen:]
Public Preview: We will begin rolling out early March 2025 and expect to complete by late March 2025.
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late May 2025 and expect to complete by mid-June 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
General Availability, Preview
Created:
2025-01-29
updated:
2025-01-29
Public Preview Start Date
XXXXXXX ... free basic plan only
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
linked item details
XXXXXXX ... free basic plan only
Pictures
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
DLP Alerts Integration
Without proper preparation, the integration of DLP alerts into IRM policies may lead to confusion among admins regarding the new alert system, potentially resulting in missed high-risk alerts and delayed responses to insider threats.
- roles: IRM Admins, Security Analysts
- references: https://learn.microsoft.com/purview/insider-risk-management-settings-policy-indicators?tabs=purview-portal, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=475057
Policy Configuration Changes
The automatic rollout of the new feature may cause existing policies to become misconfigured if admins are unaware of the changes, leading to ineffective monitoring and increased risk of data leaks.
- roles: IRM Admins, Compliance Officers
- references: https://learn.microsoft.com/purview/insider-risk-management-settings-policy-indicators?tabs=purview-portal, https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=475057
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
