As announced at Ignite, we’re introducing new features in public preview to extend your Insider risk management solution, including integration with Microsoft Sentinel, support for exfiltration signals from macOS, and a new healthcare connector and policy template. This message is associated with Microsoft 365 Roadmap ID 82151, 82152, and 82153.
Microsoft 365 compliance center: Insider risk management – Integration with Sentinel
New integration with Azure Sentinel provides the flexibility to collect, detect, and investigate insider risk activities within Azure Sentinel. This native connector allows for seamless import of alerts, which provides analysts with a single pane of glass to review alerts for insider risk in a broader organizational context.
Microsoft 365 compliance center: Insider risk management – Exfiltration signals from macOS
Endpoint exfiltration signals for Office, PDF, and CSV files from macOS endpoints.
Microsoft 365 compliance center: Insider risk management – Healthcare connector and policy template
New healthcare policy template with built-in indicators that leverages data from Epic and other electronic medical records (EMR) solutions – using our Data Connectors – to help healthcare companies identify potential insider risks related to patient data misuse.
When this will happen
Rollout will begin in early November and is expected to be complete by early December.
How this will affect your organization
Integration with Microsoft Sentinel
New integration with Microsoft Sentinel provides the flexibility to collect, detect, and investigate insider risk activities within Microsoft Sentinel. This native connector allows for seamless import of alerts, which provides analysts with a single pane of glass to review alerts for insider risk in a broader organizational context.
Expanded coverage with macOS support
This update introduces support for endpoint exfiltration signals for Office, PDF, and CSV files from macOS endpoints which will expand the scope of insider risk detections across your environment.
Healthcare connector and policy template
To help reduce insider risks within the Healthcare industry, we’re introducing a new healthcare policy template that connects into Epic and other electronic medical records (EMR) solutions – using our Data Connectors – to help healthcare companies identify potential insider risks related to patient data misuse.
What you need to do to prepare
Review and assess for your organization.
Learn more
- Get started with insider risk management
- Microsoft Sentinel introduces enhancements in machine learning and productivity at Ignite 2021
- Find your Microsoft Sentinel data connector
Message ID: MC295822
Published: 02 November 2021
Updated: 02 November 2021
#NewFeature #AdminImpact
Stay Informed