Microsoft Purview compliance center: Insider Risk Management - Policy scoping enhancements

🚨 The Signal: Insider Risk Management policies can now precisely include or exclude specific users, groups, and adaptive scopes. This enhances control over data leakage and IP theft detection, allowing more granular policy application.

The Impact

Security teams gain granular control over insider risk policies, reducing the risk of data exfiltration and intellectual property theft.

• Security Teams: Reduced false positives in insider risk alerts.
• Security Teams: Improved accuracy in identifying data leakage.
• Security Teams: Enhanced ability to protect sensitive intellectual property.
• Compliance Teams: Better alignment with regulatory requirements for data protection.

The Action

1. Navigate to Microsoft Purview compliance portal > Insider Risk Management > Policies.
2. Edit existing policies or create new ones.
3. In the 'Users and groups' section, use the 'Include or exclude specific users, groups, and adaptive scopes' options.
4. Add non-mail enabled Security Groups as needed for policy scoping.
5. Review and publish updated policies to ensure precise targeting.

Domain: Purview · Impact: high · Workload: Microsoft Purview