Microsoft Purview compliance portal: Insider Risk Management-Insider risk insights in DLP alerts

Microsoft Purview, in collaboration with Microsoft Defender, has updated its Insider Risk Management feature to enable DLP analysts to access an insider risk summary of user activities that may lead to potential data security incidents as part of the DLP alert investigation experience. This feature aims to help analysts gain context of a DLP alert and make informed decisions on responses to potential incidents.

The Microsoft Purview Insider Risk Management feature correlates signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Organizations can customize policies based on internal policies, governance, and organizational requirements. The feature is designed with privacy-by-default principles and includes pseudonymization of users by default, role-based access controls, and audit logs in place to help ensure user-level privacy.

This update is generally available and was released in June CY2024. It can be accessed via the cloud instance of web platforms such as DoD, GCC High, and GCC.

The post Microsoft Purview compliance portal: Insider Risk Management-Insider risk insights in DLP alerts was originally published on M365 Admin.