Microsoft Purview compliance portal: Generative AI apps activities as triggers in IRM

🚨 The Signal: Microsoft Purview Insider Risk Management can now use generative AI app activity as a trigger for risky usage policies. This enhances detection of data leakage and security violations related to AI tool use.

The Impact

Security teams and compliance officers are affected by enhanced monitoring capabilities for AI-related data risks.

• Security Teams: Gain new signals to detect potential data exfiltration via AI apps.
• Compliance Officers: Better enforce data handling policies for AI tool usage.
• Data Owners: Improved protection against inadvertent or malicious data exposure through AI.
• Legal Teams: Enhanced audit trails for AI-related data incidents.

The Action

1. Navigate to Microsoft Purview compliance portal > Insider Risk Management > Policies.
2. Create a new policy or edit an existing 'Risky AI usage policy'.
3. In the 'Triggers' section, configure conditions to include 'Generative AI apps activities'.
4. Define the specific generative AI app indicators and risk scores for policy scope.
5. Review and publish the updated or new policy.

Domain: Purview · Impact: high · Workload: Microsoft Purview