Skip to Content

MC394842: Microsoft Purview: Exact Data Match support for eDiscovery and Insider Risk Management

Microsoft Purview eDiscovery search queries and Microsoft Purview Insider Risk Management policy configuration will now support Exact Data Match (EDM) classification capabilities. This message is associated with Microsoft 365 Roadmap ID 93286 and 93287.

Organizations will be able to include Exact Data Match (EDM) Sensitive Information Types (SITs) when searching for sensitive data using the eDiscovery search tools.

Organizations will be able to configure new or existing Insider Risk Management policies using Exact Data Match Sensitive Information Types, enabling more assertive control in specifying policies to identify risk indicators. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

MC394842: Microsoft Purview: Exact Data Match support for eDiscovery and Insider Risk Management

When this will happen

Rollout will begin in mid-June and is expected to be complete by late June.

How this will affect your organization

EDM-based classification enables organizations to create custom sensitive information types (SITs) that refer to exact values in a database of sensitive information. With this update, organizations will be able to include EDM SITs when searching for sensitive data using the Microsoft Purview eDiscovery search tools.

Additionally, organizations will be able to configure new or existing Insider Risk Management policies using EDM SITs, enabling more assertive control in specifying policies to identify risk indicators. The precise nature of EDM reduces risk of false positives, thus signals detected using EDM-based classification may be considered stronger indicators of risk. For example, a user gathering what appears to be customer personally identifiable information (PII) in a local drive may be considered a stronger signal of risky activity if the data is detected through EDM since it is far more likely to be customer PII than non-relevant PII or false positives.

What you need to do to prepare

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, security and policy violations, and more. Insider Risk Management enables customers to create policies based on their own internal policies, governance, and organizational requirements. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

You can access the eDiscovery and Insider Risk Management solutions here:

Learn more

Message ID: MC394842
Published: 23 June 2022
Updated: 23 June 2022

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. We need money to operate the site, and almost all of it comes from online advertising. Please support us by disabling these ads blocker.

Please disable ad blocker