M365 Archive

RM496149 - Microsoft Purview compliance portal: Insider Risk Management - Personal email triggers

Microsoft 365 Roadmap

Roadmap ID

496149

View in M365 Roadmap

Status

Launched

Release

General Availability
Preview

Last Updated

Nov 19, 2025

Published Aug 8, 2025

Platforms

Web

Service

Microsoft Purview

Tag

Launched
General Availability
Preview
Worldwide (Standard Multi-Tenant)
GCC
GCC High
DoD

Cloud

DoD
GCC
GCC High
Worldwide (Standard Multi-Tenant)

Summary

In this update, we are adding the recently added email indicators in Insider Risk Management as triggers. 1. Sending email with attachments to free public domains - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident.

Description

In this update, we are adding the recently added email indicators in Insider Risk Management as triggers. 1. Sending email with attachments to free public domains - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. 2. Sending email with attachments to self - Users will be brought into scope of a policy when business-sensitive data is potentially leaked from a work email account to user's personal email account or emailing self, potentially leading to a data security incident.

Admins with appropriate permissions can enable these indicators from the settings page and use these triggers in the data leaks or data leaks by priority users template.

GA date: November CY2025

Preview date: July CY2025