MC788976 - Microsoft Purview | Insider Risk Management: New indicators with communication compliance policy matches

Coming soon: New indicators in Microsoft Purview | Insider Risk Management that use Microsoft Purview Communication Compliance policy matches to detect various communication risks, including inappropriate content and financial regulatory compliance violation breaches on channels like Microsoft Exchange, Microsoft Teams, Microsoft Viva Engage, Microsoft Copilot for Microsoft 365, or third-party channels.

This message is associated with Microsoft 365 Roadmap ID 382106.

When this will happen:

Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.

General Availability Worldwide: We will begin rolling out early June 2024 and expect to complete by late June 2024.

How this will affect your organization:

Often risky activities are not isolated events. Such activities are often followed by or occur with counterproductive workplace behavior. Determining whether these activities are inadvertent or intentional can be difficult. However, this new integration update makes Communication Compliance indicators available within Insider Risk Management, empowering risk teams to better differentiate intents and further detect risky actors.

Organizations can use these new indicators in data theft and data leaks policies. Messages with communication risks like inappropriate content or financial regulatory content are scored for risk and presented as insights in the Alert timeline, User activity, and Activity explorer.

The new indicators are off by default and can be enabled in Insider Risk Management settings.

Configure communication compliance indicators in Insider Risk Management settings:

Insider Risk Management alert with communication risks insights at Insider risk management > Alerts > Alert Name:

What you need to do to prepare:

Insider Risk admins with appropriate permissions can opt into these new indicators in the new Microsoft Purview portal (https://purview.microsoft.com/) or in the Purview compliance portal (https://purview.microsoft.com/) at Insider Risk Management settings.

This rollout will happen automatically by the specified date with no admin action required before the rollout. You may want to notify your admins about this change and update any relevant documentation as appropriate.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Learn more: Configure policy indicators in insider risk management | Microsoft Learn