Skip to Content

MC442112: Microsoft Purview | Insider Risk Management: General availability of security and compliance user activity reports

Coming soon to general availability, we’re rolling out privacy-enabled security and compliance user activity reports within the Insider Risk Management solution. This feature is currently available in public preview (MC301681).

This message is associated with Microsoft 365 Roadmap ID 88491.

Privacy-enabled security and compliance user activity reports allow Insider Risk Management admins with the appropriate permissions to examine risky user actions that may lead to a potential data security incident, such as an employee attempting to download confidential files to a personal device, for specific users across a defined time period without having to assign them to an Insider Risk Management policy. This helps customers maintain scale and flexibility in cyber risk and data security incident management. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

MC442112: Microsoft Purview | Insider Risk Management: General availability of security and compliance user activity reports

When this will happen

Rollout will begin in early October and is expected to be complete by late October.

How this will affect your organization

These reports allow Insider Risk Management admins with the appropriate permissions to examine risky user actions that may lead to a potential data security incident, such as an employee attempting to download confidential files to a personal device, for specific users across a defined time period without having to assign them to an Insider Risk Management policy. This helps customers maintain scale and flexibility in cyber risk and data security incident management.

You can get started from the Insider Risk Management overview page by selecting Manage reports in the Investigate user activity section and selecting Create user activity report. New reports typically take up to 10 hours before they’re ready for review. When the report is ready, you’ll see Report ready in the Status column on the User activity report page.

What you need to do to prepare

Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies to manage security and compliance. Built with privacy by design, users are pseudonymized by default, and role-based access controls and audit logs are in place to help ensure user-level privacy.

Get started with Insider Risk Management in the Microsoft Purview compliance portal:

Learn more

Message ID: MC442112
Published: 2022-10-04
Updated: 2022-10-04
Cloud instance(s): DoD, GCC High, Worldwide (Standard Multi-Tenant), GCC
Platform(s): US Instances, Web, World tenant

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.