Feb 29 2024 11:58 PM
Does risk management and communication compliance solutions investigate individual users?
Does it actually retain folders regarding each risk user with their identity visible to the compliance admin? I'm asking this as it correlates with user privacy issues.
Mar 04 2024 04:16 PM - edited Mar 04 2024 04:17 PM
@DarleneElohim You have two questions, I think.
Does MSFT Purview Insider Risk and Compliance Communication actually retain folders regarding each risk user with their identity visible to the compliance admin? The answer to that is "NO". That's done in two ways: masking identity and controlling access.
Do risk management and communication compliance solutions investigate individual users? I think the answer is "NO" unless a pseudonymous individual's cumulative behavior triggers an alert (e.g. doing something anomalous much more often than the average for others in that work role) or does something that appears to be a one time but serious violation like a breach of security policy. This July 2023 post, New Insider Risk Management features in general availability describes how that works. Unless an alert is triggered and the individual is being investigated for a violation, I don't think folders are kept on users that are accessible to compliance admins.