MC937158 - Microsoft Purview | Insider Risk Management: New scenario-based policy templates

Coming soon to Microsoft Purview | Insider Risk Management: Two new preconfigured quick policy templates for Crown jewel protection and Email exfiltration. These templates are for admins who want to deploy scenario-specific policy templates with less configuration, to get started faster. The existing quick policies for Data leak and Data theft will continue to be available. You can find all four scenario-based quick policies in Insider Risk Management at Policies > Create Policies. Admins can expect additional turning after deploying these policies to meet individual alert volume needs.

This message is associated with Microsoft 365 Roadmap ID 409966.

When this will happen:

Public Preview: We will begin rolling out late November 2024 and expect to complete by mid-December 2024.

General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early February 2025 and expect to complete by late March 2025.

How this will affect your organization:

1. Sign in to Insider Risk Management with the admin role permissions
2. Go to the Policies page at https://purview.microsoft.com/insiderriskmgmt/policiespage
3. Select Create policy
4. Select Quick policies
5. Select either the Crown jewel protection policy or the Email exfiltration policy
6. Configure policy as applicable (add users to scope, optional priority content, and so on)

The new policies will be on by default.

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. Review your current configuration to determine the impact for your organization. You may want to notify your users about this change and update any relevant documentation.

Learn more: The Quick Policies section in Create and manage insider risk management policies | Microsoft Learn