Event details
what are the plans to include azure services in the Insider Risk Management solution,
All of the services in azure could be at risk to an insider, but I would start with those services that affect overall governance and compliance.
- Heather_Poulsen
Community Manager
Thanks for participating in the Tech Accelerator! For reference, the panel covered this topic at around 07:12. Actually, several actions which can be made in Azure services are observable in Priva-Purview ' like 38 ready-to-go DLP policies around Azure services. But you need to remember that we have hundreds of services solutions in Azure, and adaptation of the services, and protection via Priva/IRM/DLP/Compliance and more solutions, are applicable in a little bit slower way. Plus, as Erin explained, understanding what is happening and where and why how users perform some actions are important too. Additionally, from the Compliance Manager's perspective - action, security, and overall governance are by default sliced into 'boxes'/'siloses' like M365 and Azure, so even from this perspective, we need to have at least a different prospect view of the data.
- Patrick_David
Microsoft
Dean are you able to expand on what you mean by including Azure Services.changes to security controls that an insider would use to hide their tracks.
sending data out of an azure storage account.
- That is quite easy to discover - PIM can easily cover changes (Privileged Identity Management). Zero Trust + lowest possible permission via ready-to-go or custom RBAC are very helpful in this place. Sending data (especially more than usual you can control via alerts and Insights, which is well correlated with Sentinel. Plenty of options around it. Plus, for Storage, you can enable Purview in Azure as well.
- Heather_PoulsenWe'd love more detail on what specifically you're looking for, Dean.
