Coming soon, Microsoft Purview Insider Risk Management will be rolling out improvements to “Deleting of SharePoint files/ folders” indicators.
This message is associated with Microsoft 365 Roadmap ID 388734.
[When this will happen:]
General Availability (Worldwide): We will begin rolling out early April 2024 and expect to complete by late April 2024
[How this will affect your organization:]
Today “Deleting of SharePoint files” and “Deleting of SharePoint folders” indicators include permanent file or folder deletion event operations FileDeleted and FolderDeleted. With this rollout, these indicators will also capture files/folders moved to the recycle bin (FileRecycled and FolderRecycled). So, you soon will see more activities being captured by these indicators.
[What you need to do to prepare:]
No action is required for this update. Based on activities volume and alert volume, you may want to consider tweaking the thresholds of respective indicators.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.
Learn more: Configure policy indicators in insider risk management | Microsoft Learn