Updated: We have updated the timeline for gov clouds. Thank you for your patience.
Microsoft Purview Insider Risk Management will
be rolling out enhancements to user scoping features in Policies.
This message is associated with Microsoft 365 Roadmap ID 484081.
When this will happen:
Public Preview: We will begin rolling out on mid-April 2025 and expect to complete by late April 2025.
General Availability (Worldwide): We will begin rolling out in late June 2025 and expect to complete by early July 2025.
General Availability (GCC, GCC High, DoD): We will begin rolling out in early October 2025 and expect to complete by late January 2026 (previously early November 2025.2025).
How this will affect your organization:
With this new feature, Insider Risk Management administrators
can include or exclude specific users, groups, and adaptive scopes within
Policies. We are also adding support for non-email enabled Security Groups
within Insider Risk Management policies.
What you need to do to prepare:
Insider Risk ManagmentManagement admins with appropriate permissions can select
combinations of users, groups, and adaptive scopes to include or exclude from
Insider Risk Management policies in the Microsoft
Purview portal. Insider Risk Management admins can also choose non-email enabled
Security Groups in the Users & Groups step of Insider Risk Management policies.
Microsoft Purview Insider Risk Management correlates various
signals to identify potential malicious or inadvertent insider risks, such as
IP theft, data leakage, and security violations. Insider Risk Management enables
customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are
pseudonymized by default, and role-based access controls and audit logs are in
place to help ensure user-level privacy.