MC947048 - Microsoft Purview | Insider Risk Management- Risky AI usage

Service

Microsoft Purview

Last Updated

Mar 6, 2025

Published Dec 2, 2024

Tag

Updated message
New feature
User impact
Admin impact

Platforms

Web

Summary

Microsoft Purview Insider Risk Management will soon roll out risky AI usage detections. Public Preview starts in early December 2024, and General Availability begins mid-June 2025. Admins can prepare by using analytics, creating policies, and leveraging new Generative AI indicators. More details can be found [here](https://learn.microsoft.com/purview/insider-risk-management-policy-templates#risky-ai-usage-preview).

More information

Updated March 6, 2025: We have updated the rollout timeline below. Thank you for your patience.

Coming soon, Microsoft Purview Insider Risk Management will be rolling out risky AI usage detections

This message is associated with Microsoft 365 Roadmap ID 394281

When this will happen:

Public Preview: We will begin rolling out early December 2024 and expect to complete by mid-December 2024.

General Availability (Worldwide): We will begin rolling out mid-June 2025 (previously mid-August) and expect to complete by late August (previously late February). 

How this will affect your organization:

With this update, Insider risk management will help admins identify risky AI usage. We are adding new detections of intentional and unintentional insider risk activity on generative AI apps that can pose a risk to an organization. Activities will include risky prompts containing sensitive info or risky intent and sensitive responses containing sensitive info or generated from sensitive files or sites. Coverage will span across M365 Copilot, Copilot Studio and ChatGPT Enterprise. These detections will also contribute to Adaptive Protection insider risk levels.

What you need to do to prepare:

Below are some of the steps admin can take

  1. Get insights into risky AI usage at an organization level in an anonymized form using analytics
  2. Create Risky AI usage policy to track risky prompts and sensitive responses in M365 Copilot, Copilot Studio
  3. The activity explorer in alerts gives a single threaded view of prompt, response along with the sensitive information present
  4. Use the new Generative AI indicators in adaptive protection for user risk score

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. 

Main Admin link: Learn about insider risk management policy templates | Microsoft Learn