Purview Insider Risk management Use Cases

Dalesh07 · ‎Apr 12 2023

We have recently implemented a Insider Risk Policy for Data Leaks by Departing employee. The volume alert has been manageable for the past two weeks and we are looking into onboarding other use cases. I am just looking to see if there are someone who can share what other use cases are deployed by other organizations.

IsmKay · ‎May 07 2023

Hi @Dalesh07,

you can make use of smart alerts for system admins on risky user behavior. From there as a system admins you could proactively be shown alerts and insights of risky user behavior without having to first implement specific policies, then you can steer your policies for specific alerts you are interested in.
"Smart alerts are out-of-the-box alerts/insights for admins that are system generated and surface the top risks admins can triage as a priority. These are intelligent alerts that leverage various signals including user activity, source and target domains, across workloads and then combine them within and across solutions to flag high risk detections to system admins. They are not dependent on policies, and admins can benefit from these detections even if they don’t have policies in place."

Learn how Microsoft Purview Information Protection discovers and protects your most sensitive data -...

https://techcommunity.microsoft.com/t5/microsoft-365-defender/defender-365-smartalerts-user-exfiltra...

Thanks!

Products (51)

Special Topics (28)

Video Hub (447)

Most Active Hubs

Most Active Hubs

Video Hub

Purview Insider Risk management Use Cases

Purview Insider Risk management Use Cases

Re: Purview Insider Risk management Use Cases