This feature allows admins to easily open Content Viewer and view the content of the document that has triggered a DLP alert. Admins can pass the event ID and the creation time of the DLP rule match alert to the deep link to open and view the related document in the Content Viewer.
Get started quickly with Insider Risk Management Quick Policies. We are further enhancing our onboarding experience with an easy one-step to policy creation: from the analytics insights or the “Create your first policy” Recommended Actions task, administrators can now easily create a policy with just a couple clicks. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management-solution-overview?view=o365-worldwide
Updates are being made to the Insider Risk Management policy wizard. We are splitting our Indicators step of the wizard into two steps (step 1- indicators, step 2- sequence detection, cumulative exfiltration detection, and risk score boosters) to enable an easier experience. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
More info: https://docs.microsoft.com/microsoft-365/compliance/insider-risk-management-solution-overview?view=o365-worldwide
Microsoft Purview Information Protection sensitivity labels are natively integrated into Adobe Acrobat, enabling users to manually label files in Acrobat on the desktop (Windows and macOS).
The eDiscovery (Standard and Premium) jobs limit will be updated to provide users with better clarity on operational limit across the tenant. With simplified fewer jobs related limit, users will have better flexibility in managing these limits and how they are shared among different job types across the eDiscovery workflow.
Admins can configure their auto-labeling policies to be automatically turned on if there aren’t any changes to the policy within a set number of days from simulation completion. This configuration option will be available in the auto-labeling policy setup in the Microsoft Purview compliance portal and via cmdlet.
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-worldwide
This feature provides a singular view for incident management across solutions by making the Microsoft Purview Data Loss Prevention incidents available in the unified incidents queue in the Microsoft Defender portal. In addition, customers can also leverage the M365 Defender connector in Microsoft Sentinel to import all DLP incidents into Sentinel to extend correlation, detection, and investigation across additional Microsoft and non-Microsoft data sources and extend automated orchestration flows using Sentinels native SOAR capabilities.
Data Loss Prevention (DLP) administrators will be able to clone and edit existing policies seamlessly.
This feature will reduce the detection to investigation time to under an hour, allowing your organization to respond promptly to policy violations. The alert will be reviewed by a policy investigator, who is explicitly granted permission to review policy alerts by the Communication Compliance admin role. Microsoft Purview Communication Compliance helps organizations detect explicit code of conduct and regulatory compliance violations, such as harassing or threatening language, sharing of adult content, and inappropriate sharing of sensitive information. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are explicitly opted in by an admin, and audit logs are in place to help ensure user-level privacy.
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/communication-compliance-investigate-remediate?view=o365-worldwide
The chronological order of risky activities is an important aspect of risk investigation and identifying these related activities can help to better identify which activities pose a bigger risk. In Insider Risk Management, you can detect these activities with a sequence detection. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.
More info: https://docs.microsoft.com/en-us/microsoft-365/compliance/insider-risk-management?view=o365-worldwide
I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.
Found my content useful?
Buy Me a Beer
HANDS ON SharePoint
HANDS ON Teams
HANDS ON Lists
HANDS ON tek
M365 Admin
