Microsoft Purview | Insider Risk Management: Exfiltration of business sensitive data to free public domain emails

Originally posted by Microsoft Apr 22, 2024 Uncategorized 0 Comments

Microsoft Purview Insider Risk Management is introducing a feature to detect exfiltration of sensitive data to free public domain emails, with a public preview in mid-May 2024 and general availability in late June 2024. The update enhances email insight alerts and adds new domain detection for better security incident prevention.

Coming soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails.

This message is associated with Microsoft 365 Roadmap ID 393334.

When this will happen:

Public Preview: We will begin rolling out mid-May 2024 and expect to complete by late May 2024.

General Availability: We will begin rolling out late June 2024 and expect to complete by early July 2024.

How this will affect your organization:

In this rollout, we are enhancing the existing email insight alerts to provide additional information when business sensitive data is potentially leaked from a work email account to a free public domain email, potentially leading to a data security incident. The new domain detection group Free public domains will list common domains used for personal email accounts. Admins with appropriate permissions can also choose to select these domains in their email indicator variants.

Any email going to free public domains (including email sent to self) will be automatically highlighted in email insights.

Updated email insight:

admin settingsView image in new tab

Free public domains:

admin settingsView image in new tab

New column and filters for email activities:

What you need to do to prepare:

admin settingsView image in new tab

This rollout will happen automatically by the specified date with no admin action required before the rollout.

You may want to update any relevant documentation as appropriate. We will update this comm before rollout with revised documentation.

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy. 

You can access the Insider Risk Management solution in the Microsoft Purview compliance portal.

Message ID: MC781588

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: