Microsoft Purview Insider Risk Management is introducing enhancements for detecting potential high-impact users, including improved accessibility and detailed reasons for detections on the Alerts page. These updates are associated with Roadmap IDs 156016 and 171720, and will roll out between late August and early September 2024. The feature is on by default and requires no action to enable.
Microsoft Purview Insider Risk Management will be rolling out minor changes for when it detects a potential high impact user whose activities may lead to potential data security incidents. These changes will include improving accessibility and more prominently highlighting the reasons for the detection on the Alert page. Also, we will provide additional descriptors for how the risk score booster is applied to the user.
This message is associated with Microsoft 365 Roadmap ID 156016 and Roadmap ID 171720.
When this will happen:
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late August 2024 and expect to complete the rollout by early September 2024.
How this will affect your organization:
Before this rollout, the Alerts page had fewer details about why the user was detected as potential high impact user.
After this rollout, The Alert page will have improved accessibility, it will be easier to see the reasons for the detection of a potential high impact user, and admins will have additional descriptors for how the score booster is applied to the user.
This feature is on by default and accessible to all Purview admins with appropriate permissions.
What you need to do to prepare:
No action is needed to enable these features. You will see the potential high impact user experience enhancements on the alert/case detail pages.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.
Learn more
This rollout will happen automatically by the specified dates. You may want to notify your admins about this change and update any relevant documentation.