Skip to Content

MC340292: Insider Risk Management – new enhancements coming to public preview

Coming soon to public preview, we’re introducing several updates to improve your Insider risk management experience, including enhancements to Recommended actions, Alert triage, Audit logs, Sequence detector, and Cumulative exfiltration anomaly detector (CEAD).

This message is associated with Microsoft 365 Roadmap ID 88897, 88899, 88901, 82145, and 88908.

Microsoft 365 compliance center: Insider risk management – Enhancements to Recommended Actions

Enhancements include ability to turn on email notification for key events as well as additional suggestions to maximize value. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

Microsoft 365 compliance center: Insider risk management – Alert triage improvements

Various experience improvements based on feedback to accelerate time-to-action including ability to further drill into Sequences within Activity Explorer, new filtering capability as well as enhanced User Activity Timeline view which includes a richer alert history. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

Microsoft 365 compliance center: Insider risk management – Enhancement to Insider risk audit logs

Additional audit of events included in the Insider risk audit logs including activities within Content Explorer, Activity Explorer, and User Timeline. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

Microsoft 365 compliance center: Insider risk management – Enhancements to Sequence detector

Sequence detector will include new Sequences that start with activity on the device, as well as additional obfuscation and exfiltration coverage. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

Microsoft 365 compliance center: Insider risk management – Enhancements to Cumulative exfiltration anomaly detector (CEAD)

CEAD will include experience enhancements to make it easier to evaluate the risk as well as leverage priority content and document sensitivities to further prioritize alerts. Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

MC340292: Insider Risk Management – new enhancements coming to public preview

When this will happen

Rollout will begin in late March and is expected to be complete by late April.

How this will affect your organization

The following enhancements will soon be available for Insider risk management features:

  • Recommended actions: Enhancements include ability to turn on email notification for key events as well as additional suggestions to maximize value.
  • Alert triage: Various experience improvements based on feedback to accelerate time-to-action including ability to further drill into Sequences within Activity Explorer, new filtering capability as well as enhanced User Activity Timeline view which includes a richer alert history.
  • Insider risk audit logs: Additional audit of events included in the Insider risk audit logs including activities within Content Explorer, Activity Explorer, and User Timeline.
  • Sequence detector: Sequence detector will include new Sequences that start with activity on the device, as well as additional obfuscation and exfiltration coverage.
  • Cumulative exfiltration anomaly detector: CEAD will include experience enhancements to make it easier to evaluate the risk as well as leverage priority content and document sensitivities to further prioritize alerts.

What you need to do to prepare

Insider Risk Management in Microsoft 365 correlates various signals from the chip to the cloud to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to ensure user-level privacy.

Access Insider Risk Management in the Microsoft 365 compliance center.

Learn more

Message ID: MC340292
Published: 08 March 2022
Updated: 08 March 2022
Stay Informed
#NewFeature #AdminImpact

Tags

Tags

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker