Microsoft Purview Insider Risk Management will be rolling out general availability of Enhancements to the unusual activity booster detection.
This message is associated with Microsoft 365 Roadmap ID 115493
[When this will happen:]
Rollout will begin at the end of November and is expected to be complete by end of December.
[How this will affect your organization:]
Today, admins can enable the risk score booster “Activity is above user’s usual activity for that day.” With this update, the model to detect unusual activity will be enhanced to improve the ability to detect when a user’s activity is unusual compared with their historical norms. If an admin has opted-in to the “Activity is above user’s usual activity for that day” risk score booster in settings, the organization might see fewer activities with the risk score booster.
[What you need to do to prepare:]
No action is required for this update.
Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.
