Microsoft Purview compliance portal: Insider Risk Management – Forensic evidence (U.S. Government clouds)

Originally posted by Microsoft Jul 26, 2023 Uncategorized 0 Comments

The forensic evidence capability is an opt-in add-in to Insider Risk Management, helping customers’ security teams get visual insights into potentially risky user actions that might lead to a data security incident. Forensic evidence is off by default and policy creation requires dual authorization. Customers determine what triggers the feature and manage investigation processes. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Product
Release phase General Availability
Release date September CY2023
Platform Web
Cloud Instance GCC, GCC High, DoD
Created 2023-07-26
Roadmap ID 117565
Roadmap Link https://www.microsoft.com/microsoft-365/roadmap?featureid=117565

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: