Microsoft Purview compliance portal: Insider Risk Management - Enriching Insider risk management with Communication compliance as an indicator

🚨 The Signal: Insider Risk Management now uses Communication Compliance policy matches as an indicator. This enhances detection of inappropriate text, financial regulatory breaches, and custom policy violations across M365 communication channels, improving internal threat detection.

The Impact

Security teams are affected by enhanced insider risk detection, reducing the risk of data exfiltration and policy violations.

• Security Teams: Improved detection of insider threats and policy breaches.
• Compliance Officers: Better visibility into potential regulatory violations.
• Legal Teams: Enhanced evidence for investigations into inappropriate conduct.
• Risk Managers: More comprehensive data for assessing internal risks.

The Action

1. Review existing Insider Risk Management policies for potential overlap or enhancement with Communication Compliance indicators.
2. Evaluate Communication Compliance policies to ensure they align with desired insider risk detection scenarios.
3. Monitor Insider Risk Management alerts for new insights generated by communication compliance indicators.
4. Train security analysts on the expanded capabilities and correlation between Communication Compliance and Insider Risk Management.

Domain: Purview · Impact: medium · Workload: Microsoft Purview