Microsoft Purview compliance portal: Insider Risk Management – Exfiltration of business sensitive data to free public domain emails

Microsoft Purview has introduced a new feature to enhance email insight alerts by providing additional information when sensitive business data is potentially leaked from a work email account to a free public domain email, which could result in a data security incident. This feature includes a new domain detection group named "Free public domains," which lists common domains used for personal email accounts. Admins can select these domains in their indicator variants as required. Microsoft Purview Insider Risk Management utilizes various signals to identify potential insider risks, such as IP theft, data leakage, and security violations. The platform enables customers to create policies based on their own governance, policies, and organizational requirements. The solution is built with privacy by design features, such as pseudonymization of users by default and role-based access controls to ensure user-level privacy, with audit logs in place. This feature is generally available as of July CY2024, and it's available on the web-based cloud instance GCC High, DoD, and GCC.

The post Microsoft Purview compliance portal: Insider Risk Management – Exfiltration of business sensitive data to free public domain emails originally appeared on M365 Admin.