MC937916 - Microsoft Purview | ​Insider Risk Management: Increase CPU and GPU device utilization limits for forensic evidence

Coming soon for Microsoft Purview Insider Risk Management: Admins will be able to increase the CPU and GPU device resource utilization limit for all devices uploading forensic evidence clips in their organization. After this rollout, forensic evidence will allow up to 31% CPU and GPU device resource utilization (compared to the prior maximum limit of 5%). This enhancement will give admins the option to reduce interruption in the recording and uploading of clips.

This message is associated with Microsoft 365 Roadmap ID 420940.

When this will happen:

General Availability (Worldwide): We will begin rolling out mid-November 2024 and expect to complete by mid-November 2024.

How this will affect your organization:

In IRM, go to Forensic Evidence to review the new limits:

This change will be available by default for admins to configure if desired.

What you need to do to prepare:

This rollout will happen automatically by the specified date with no admin action required before the rollout. After rollout, the setting will default to the previous system defaults, but admins will have an option to adjust as appropriate. Before updating the setting, we recommend you review your current configuration to determine the impact for your organization.

Learn more: Manage insider risk management forensic evidence | Microsoft Learn

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.