Microsoft Purview Compliance Portal: Timeline view of user activity

🚨 The Signal: Microsoft Purview now provides a timeline of user interactions, including those with generative AI, to help reviewers understand context for data security and compliance incidents. This improves incident investigation and response.

The Impact

Security and compliance teams are affected, gaining better context for investigating data security risks.

• Security Teams: Improved context for data loss prevention (DLP) investigations.
• Compliance Teams: Streamlined review of user activities and policy violations.
• Data Stewards: Enhanced ability to identify and respond to risky data interactions.
• AI Governance Teams: Better visibility into user interactions with generative AI applications.

The Action

1. Review Purview Data Loss Prevention (DLP) policies for generative AI interactions: https://compliance.microsoft.com/datalossprevention
2. Familiarize security and compliance teams with the new timeline view in Purview: https://compliance.microsoft.com/incidents
3. Update incident response playbooks to leverage the enhanced user activity context.
4. Assess existing Purview roles and permissions to ensure appropriate access to the timeline view.

Domain: Purview · Impact: medium · Workload: Microsoft Purview