Coming soon to public preview, Microsoft Purview Insider Risk Management will be rolling out enhancements for potential high impact users and sensitivity analysis for policy tuning.
This message is associated with Microsoft 365 Roadmap ID 156014, 156016
[When this will happen:]
Rollout will begin in mid-August and is expected to be completed by early October 2023.
[How this will affect your organization:]
- Potential high impact user experience enhancements: We will make some minor experience changes when a user has been detected as a potential high impact user whose activities may lead to potential data security incidents. These changes will include improving accessibility and providing more prominent highlighting of the reasons for being detected as a potential high impact user. Additionally, we will provide additional descriptors regarding how the score booster is applied to the user.
- Sensitivity analysis for policy tuning: With this update, admins with appropriate permissions will have the ability to view a sensitivity analysis of the count of users in the organization that would meet specific data security risk indicator thresholds. The sensitivity analysis is presented as a bar chart, with potential inputs of an data security risk indicator threshold on the x-axis and the corresponding count of users on the y-axis. Admins can utilize this chart to make informed decisions on which threshold to apply for each indicator.
[What you need to do to prepare:]
No action is needed to enable these features. You will see the potential high impact user experience enhancements on the alert/case detail pages and the sensitivity analysis for policy tuning in the policy wizard when configuring the indicator thresholds.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.
Learn more: Create and manage insider risk management policies – Microsoft Purview (compliance) | Microsoft Learn
Investigate insider risk management activities – Microsoft Purview (compliance) | Microsoft Learn
https://learn.microsoft.com/purview/insider-risk-management-activities?view=o365-worldwide
